A targeted malvertising campaign redirected users from Bing to a fake Teams download site, where a signed MSTeamsSetup.exe installed the Oyster backdoor — blocked just in time by Microsoft Defender ASR.
Attackers exploit CVE-2025-61932 in Lanscope Endpoint Manager clients to run code and move laterally. Patch MR/DA endpoints now and reduce internet exposure.
Volkswagen Group faces a serious cybersecurity challenge after ransomware gang 8Base claimed to have stolen sensitive data from its global operations. The incident exposes growing supply-chain risks and highlights how industrial manufacturers remain prime targets for modern cyber-extortion campaigns.
Microsoft Outlook has disabled inline SVG image rendering after attackers exploited the feature in phishing campaigns, marking another step in tightening email security.
Investigators suspect Russian-linked cyber actors may be behind the recent attack on Jaguar Land Rover (JLR) that disrupted operations and compromised corporate data. The findings align with a growing pattern of state-aligned cyber interference targeting the automotive sector in Europe.
Japanese brewing giant Asahi has fallen victim to a Qilin ransomware attack that reportedly stole 27 GB of corporate and employee data. Operations remain partially disrupted, with supply chain strain visible across Japan. The attack underscores ransomware’s growing focus on consumer-goods manufacturers and double-extortion tactics.
Harrods informed loyalty program members of a data breach tied to a third-party provider. The luxury retailer is investigating and urging customer caution.
CometJacking abuses browser WebSockets to hijack user connections, turning them into proxy nodes with a single click. The exploit marks a new wave of malware-less attacks that rely on web technologies rather than traditional payloads.
Five facilitators admitted to helping North Korean remote IT workers infiltrate 136 US companies through stolen identities and “laptop farms,” sending more than $2.2 million back to the regime and exposing hidden risks in everyday hiring pipelines.
A misconfigured default in the HashiCorp Vault Terraform Provider created a HashiCorp Vault bypass vulnerability in LDAP-backed environments, allowing attackers to authenticate without valid credentials. This analysis explains CVE-2025-13357, real-world impact, and concrete hardening steps for Vault and Terraform.