The state-sponsored Lazarus Group has launched a sophisticated campaign targeting European drone manufacturers under the guise of fake “dream job” offers. As defense firms fall prey to malware disguised in recruitment documents, the threat to aerospace and UAV innovation escalates. This article breaks down how the attack works, what it aims to achieve and how to defend.
KONNI operators hijack Google accounts, pivot into Find Hub, track target locations, and trigger remote resets on Android blending valid features with malicious intent while evading conventional controls.
Cybersecurity researchers have uncovered a new form of supply chain attack hidden within the npm ecosystem. A malicious npm package was discovered embedding malware inside steganographic QR codes, a technique designed to slip past traditional security defenses. The attack highlights growing risks in opensource software dependencies and developer tools How the Malware Works The compromised…
Newly disclosed vulnerabilities in the Ollama framework allow attackers to execute arbitrary code by feeding the server malicious GGUF model files. This article explains how the mllama metadata parsing flaw works, why versions before 0.7.0 are at risk, and what AI security teams should do to harden their local LLM infrastructure against code execution attacks.
Zoom delivered security fixes for Windows clients after investigators identified CVE-2025-49457, an untrusted DLL search path that can enable local privilege escalation and broader compromise. Because attackers chain DLL hijacking with lateral movement, admins should update Windows endpoints to version 6.3.10 and validate explicit path loading. This analysis explains affected apps, exploitation flow, high-signal detection, and quick remediation steps so defenders can reduce risk without adding noise.
Microsoft’s July 2025 cumulative update KB5062553 for Windows 11 24H2 is breaking core shell features like the Start menu, taskbar, and Settings on some systems, especially in VDI and first-logon scenarios. This breakdown goes through what’s actually failing, why a XAML race condition sits at the center of it, and how admins can keep 24H2 from turning user desktops into black screens.
Who Is Scattered Spider? Scattered Spider is a cybercrime group known for executing high-impact ransomware attacks across the United States. They gained notoriety for their clever use of social engineering, SIM-swapping, and remote access tools to infiltrate major organizations. Operating with international ties, the group targeted companies with sophisticated techniques and insider manipulation to extort…
CISA and NSA published a focused plan to harden Microsoft Exchange. Enforce modern authentication, cut exposure, enable Extended Protection, and lock down TLS to stop real-world attacks.
Artificial intelligence now faces an economic crossroads. From collapse to consolidation, national control to technological breakthroughs, four possible futures reveal how cost, scale, and power will determine what comes next.
A newly observed Mirai variant, “Broadside,” is exploiting weakly protected IoT systems across global maritime logistics environments. Its rapid spread and operational impact highlight growing risks as critical shipping infrastructure becomes increasingly automated and interconnected.