

Researchers developed a $50 memory interposer, dubbed “Battering RAM,” that can bypass Intel SGX and AMD SEV-SNP confidential computing protections by manipulating memory paths.

Malicious PyPI Package Masquerades as SOCKS5 Proxy Tool
The PyPI “SoopSocks” package claims to be a SOCKS5 proxy solution but conceals backdoor capabilities, enabling attackers to control compromised systems remotely.

Cisco ASA Zero-Day Alerts Ignored, Thousands of Devices at Risk
Despite Cisco and global agencies issuing urgent zero-day alerts, nearly 48,000 Cisco ASA firewalls remain vulnerable and exposed to ongoing exploit campaigns.

Banking Trojan Adds Hidden VNC Full Remote Control for Attackers
A newly discovered Android banking trojan combines overlay attacks with a stealthy hidden VNC server to gain full remote control over compromised devices.

CERT-UA Issues Alert on CabinetRAT Backdoor Cyber Threat
Ukraine’s CERT-UA has warned that CabinetRAT backdoor malware is being actively deployed in cyber espionage campaigns targeting government and critical networks.

New MatrixPDF Attack Weaponizes PDFs for Phishing Campaigns
Researchers have uncovered a new cybercriminal toolkit called MatrixPDF, designed to transform normal PDF files into weapons for phishing and malware delivery. This toolkit lowers the barrier for attackers. In fact, it provides ready-made templates that let even inexperienced hackers craft PDF lures capable of bypassing security filters. As a result, phishing campaigns become…

Government & Military Systems Under Attack by APT35 Hackers
APT35 hackers, linked to Iran, are conducting cyberattacks against global government and military organizations, using spear-phishing and malware for espionage.

VMware Tools & Aria Zero-Day Exploited for Root Access
Security researchers have identified a critical zero-day flaw (CVE-2025-41244) affecting VMware Tools and VMware Aria. The bug enables local privilege escalation to root, a dangerous step in potential exploitation chains. The issue lies in service discovery mechanisms built into VMware, which allow guest and management systems to interact. Attackers are abusing this trust to escalate…

Malicious MCP Server Steals Secrets From Applications & Dev Environments
A malicious MCP server can exfiltrate API keys and sensitive data from applications, exposing how trust in developer frameworks can be abused.

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
EvilAI operators are hiding malware in legitimate-looking AI tools that appear functional and signed, enabling reconnaissance, browser data exfiltration, and encrypted C2 communication across global targets.