Researchers have uncovered a new global campaign linked to the TA585 threat group, deploying a malware strain called MonsterV2. The campaign targets enterprise, finance, and industrial sectors, leveraging advanced persistence and evasion techniques to steal data and compromise corporate networks
A 0-day buffer overflow vulnerability in Cisco ASA and FTD devices, exploitable via WebVPN, allows unauthenticated remote code execution. Cisco has released patches and issued guidance for mitigation.
SIM farms expose how weak KYC and SMS OTP let fraud scale. Raids seized SIM boxes and tens of thousands of cards. Here’s how carriers and brands can actually fix it.
A critical zero-day vulnerability in Gladinet’s CentreStack file-sharing software is being actively exploited by attackers, allowing full remote system access and potential data exfiltration. Enterprises are urged to apply temporary mitigations until an official patch becomes available.
The recently disclosed flaw in LANSCOPE Endpoint Manager (CVE-2025-61932) enables unauthenticated attackers to send malicious packets, execute arbitrary code and compromise systems. Organisations must patch affected versions, apply network controls and monitor for unusual traffic to avoid full network takeover.
Abandoned apps, APIs, and identities keep resurfacing. Hunt them continuously, retire them completely, and verify they stay dead—before attackers exploit them.
Signal has called on Germany to reject the EU’s chat control proposal, warning that client-side scanning would break encryption, facilitate surveillance, and undermine trust in private communication.
Despite Cisco and global agencies issuing urgent zero-day alerts, nearly 48,000 Cisco ASA firewalls remain vulnerable and exposed to ongoing exploit campaigns.
Researchers tracked 1,330 suspicious domains impersonating 23 luxury brands ahead of peak shopping. Prepare for activation waves with monitoring, takedowns, and buyer guidance.
CISA added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog. This article provides a CVE-by-CVE technical breakdown, enterprise impact assessment, detection and mitigation actions, and prioritized remediation guidance for security operations teams. Includes an AEO-optimized FAQ and verified external sources.