A sophisticated new espionage campaign, tracked as PassiveNeuron, uses novel malware families Neursite and NeuralExecutor to target government and industrial networks across Latin America and East Asia. This article breaks down the tools, techniques and defensive steps security teams must act on now.
A newly discovered Android banking trojan combines overlay attacks with a stealthy hidden VNC server to gain full remote control over compromised devices.
Microsoft’s November update fixes an exploited Windows Kernel zero-day (CVE-2025-62215) and a critical zero-click GDI+ RCE (CVE-2025-60724). Therefore, prioritize domain controllers, management servers, upload-handling services, and developer workstations using WSLg. Then complete fleet rollout and validate Kerberos delegation settings to blunt identity abuse.
Security researchers have identified a new StealIt malware campaign abusing the NodeJS SingleFile module to exfiltrate sensitive data from compromised environments. This JavaScript-based threat demonstrates how legitimate developer tools can be turned into effective espionage vectors within open-source ecosystems.
Cybersecurity researchers uncovered a North Korean operation that targets software developers by hiding malicious code inside public repositories.
The campaign, linked to Lazarus Group, uses fake developer tools and trojanized libraries to infiltrate development environments worldwide.
A rapid cascade of cyber events Chrome zero-day, a record DDoS, Cisco IOS exploit, and Kali Linux upgrade highlight how threat activity keeps accelerating.
Microsoft has restricted Internet Explorer (IE) Mode in Edge after discovering it was exploited in targeted attacks. The vulnerability, now patched, allowed threat actors to bypass modern security controls by abusing legacy IE components embedded within enterprise browsers.
CISA has flagged CVE-2025-54253, a maximum-severity (CVSS 10.0) vulnerability in Adobe Experience Manager (AEM), as already under active attack. The root cause lies in how the /adminui/debug servlet misinterprets user-supplied OGNL expressions as Java code without authentication or validation. This flaw lets unauthenticated attackers execute system commands remotely. In this article, you’ll get the full technical breakdown, threat scenarios, detection strategies, mitigation plans, and best practices specific to AEM deployments.
Intelliloan has notified customers of a March 2025 hack that exposed sensitive PII such as Social Security numbers, driver’s licenses, and financial data across its systems.
A Reagan-themed anti-tariff ad paused U.S.–Canada talks. Canada’s prime minister apologized to Trump, seeking to cool tempers, protect exporters, and restart negotiations.