A misconfigured default in the HashiCorp Vault Terraform Provider created a HashiCorp Vault bypass vulnerability in LDAP-backed environments, allowing attackers to authenticate without valid credentials. This analysis explains CVE-2025-13357, real-world impact, and concrete hardening steps for Vault and Terraform.
CISA is warning that state-linked threat actors are actively using commercial spyware and remote access trojans to hijack Signal and WhatsApp accounts, weaponize linked devices and deploy zero-click exploits. This article breaks down the campaigns, the tools involved and the specific hardening steps high-value targets should take immediately.
A Russian-linked threat actor is hiding Stealc V2 infostealer inside Blender project files shared on 3D model marketplaces. By abusing Blender’s Auto Run Python Scripts feature, the campaign turns legitimate-looking character rigs into a delivery vector that steals browser, wallet, VPN and messaging credentials from creative workstations.
The infamous Shai-hulud worm has resurfaced in the npm ecosystem with a new Sha1-hulud variant. By executing during preinstall, hijacking popular packages, stealing GitHub and cloud secrets, and wiping developer home directories when exfiltration fails, this worm turns supply-chain compromise into both an access play and a destructive weapon.
A cyberattack on real-estate finance vendor SitusAMC has raised the risk that documents tied to major banks, including JPMorgan and Citi, may have been exposed. This analysis explains what we know so far, how attackers leverage third-party providers, and what banks and customers should do next.
Quantum encryption promises stronger security, yet it also strains satellite hardware, bandwidth and mission design. Switzerland’s Armed Forces now redesign their space architecture to handle quantum-era threats, “harvest-now, decrypt-later” campaigns and the limits of legacy spacecraft.
The FCC has rolled back core ISP cybersecurity rules that were introduced after the Salt Typhoon telecom espionage campaign. With China-linked hackers still probing carrier infrastructure, enterprises must treat telecom exposure as a high-risk dependency and reinforce their own defenses instead of assuming federal safeguards will protect them.
Microsoft’s July 2025 cumulative update KB5062553 for Windows 11 24H2 is breaking core shell features like the Start menu, taskbar, and Settings on some systems, especially in VDI and first-logon scenarios. This breakdown goes through what’s actually failing, why a XAML race condition sits at the center of it, and how admins can keep 24H2 from turning user desktops into black screens.
Between 2024 and 2025, China-linked APT31 conducted a stealthy espionage campaign targeting Russian IT contractors and government integrators. The group masked its command-and-control using legitimate cloud services such as Yandex Cloud and OneDrive, deployed loaders like CloudyLoader via DLL side-loading, and maintained long dwell times within compromised networks. This article decodes APT31’s tool-kit, tactics and persistence model, and offers detection and response guidance for defenders.
A WhatsApp API flaw allowed researchers to enumerate 3.5 billion accounts by abusing weak rate-limiting in the contact-discovery endpoint, exposing global phone-number mappings and public profile metadata that adversaries could weaponize for large-scale phishing, impersonation and SIM-swap attacks.