Matrix Push C2 is a browser-native command-and-control framework that hijacks web push notifications to deliver phishing prompts, brand-spoofed alerts and malware. By abusing legitimate notification flows, it turns a routine “Allow notifications” click into a persistent phishing channel that most security stacks barely monitor.
CISA warned that multiple federal agencies still haven’t fully patched Cisco ASA/FTD devices despite active exploitation. Because the campaign targets the VPN web server and enables device takeover, teams must apply fixes for CVE-2025-20333/20362, follow ED 25-03 inventory and validation steps, and disconnect end-of-support hardware. This analysis explains impact, attack flow, high-signal detection, and fast remediation so defenders can reduce edge-device risk without slowing operations.
Microsoft has rolled out hardware-accelerated BitLocker support for Windows 11, delivering faster encryption, lower CPU overhead, and stronger device protection. This update significantly improves enterprise deployment and endpoint security strategies.
Microsoft 365 suffered a widespread outage across Australia, causing authentication failures, email disruptions and Teams connection issues. Although services gradually recovered, the incident exposed cloud reliability concerns for businesses that rely heavily on Microsoft’s ecosystem.
A China-linked crew still breaks in through legacy CVEs Log4j, Struts, Confluence, GoAhead then hides behind scheduled tasks and msbuild.exe to run memory-resident payloads. They probe domain controllers with DCSync, and they target misconfigured IIS by abusing ASP.NET machine keys to deploy TOLLBOOTH with SEO cloaking. Reduce risk by patching edge services, restricting LOLBAS on servers, rotating machine keys, and alerting on replication from non-DC hosts.
The Oracle E-Business Suite campaign continues to grow. This analysis explains the expanding victim list, enterprise impact, and the steps teams should take now to patch, hunt, and contain risk.
Zero Trust in 2025 means verifying every request and limiting access by default. This guide turns principles into a deployable plan: identity-first controls, phishing-resistant MFA, device posture checks, microsegmentation, and centralized policy decisions. Start with fast wins, measure risk reduction, and scale confidently.
Spanish authorities have dismantled the notorious GXC Team cybercrime syndicate, arresting its leader and several members in a joint operation with Europol.
The group allegedly ran large-scale credential theft, malware distribution, and financial fraud campaigns targeting victims across Europe and beyond.
A targeted malvertising campaign redirected users from Bing to a fake Teams download site, where a signed MSTeamsSetup.exe installed the Oyster backdoor — blocked just in time by Microsoft Defender ASR.
Salesforce has flagged a significant incident where applications published by Gainsight enabled unauthorized access to customer data via OAuth tokens. This article breaks down what happened, why third-party integrations are the new attack surface, and how defenders can respond immediately.