CISA Warns of MeteoBridge RCE Bug CVE-2025-4008
CISA has listed CVE-2025-4008, a remote code execution bug in MeteoBridge devices, signaling active exploitation and urging immediate patching.
Tag: safety
Read More
Signal Warns It’ll Withdraw From EU Under Chat Control
Signal has stated it may quit the European market if the EU forces apps to scan private messages under Chat Control, citing encryption and privacy concerns.
Microsoft Outlook Disables Inline SVG Support Amid Security Risks
Microsoft Outlook has disabled inline SVG image rendering after attackers exploited the feature in phishing campaigns, marking another step in tightening email security.
Confucius APT Unleashes WooperStealer, Anondoor in Pakistan
Confucius hackers launched a phishing campaign in Pakistan deploying WooperStealer and Anondoor malware using PPSX and LNK files to compromise sensitive systems.
Google Mandiant Investigates Oracle-Linked Cyber Threat Activity
Google Mandiant has launched an investigation into a new cyberattack campaign targeting Oracle systems, raising alarms over advanced threat activity and enterprise risks.
Confidential Computing Fails: Battering RAM Attack Succeeds
Researchers developed a $50 memory interposer, dubbed “Battering RAM,” that can bypass Intel SGX and AMD SEV-SNP confidential computing protections by manipulating memory paths.
Banking Trojan Adds Hidden VNC Full Remote Control for Attackers
A newly discovered Android banking trojan combines overlay attacks with a stealthy hidden VNC server to gain full remote control over compromised devices.
Government & Military Systems Under Attack by APT35 Hackers
APT35 hackers, linked to Iran, are conducting cyberattacks against global government and military organizations, using spear-phishing and malware for espionage.
VMware Tools & Aria Zero-Day Exploited for Root Access
Security researchers have identified a critical zero-day flaw (CVE-2025-41244) affecting VMware Tools and VMware Aria. The bug enables local privilege escalation to root, a dangerous step in potential exploitation chains. The issue lies in service discovery mechanisms built into VMware, which allow guest and management systems to interact. Attackers are abusing this trust to escalate…
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
EvilAI operators are hiding malware in legitimate-looking AI tools that appear functional and signed, enabling reconnaissance, browser data exfiltration, and encrypted C2 communication across global targets.