A recent investigation has uncovered that Microsoft relied on engineers located in China to provide support and maintenance for its SharePoint platform, the same collaboration tool that was recently exploited by Chinese state-backed hackers. This finding has triggered serious cybersecurity concerns, especially regarding insider threats in software that is heavily used by both private companies […]
SafePay ransomware has rapidly become one of 2025’s most dangerous cyber threats. Reports indicate that the group was responsible for 73 confirmed attacks in June and an additional 42 in July, bringing its total number of victims this year to over 270. Unlike ransomware-as-a-service (RaaS) groups that work with affiliate networks, SafePay functions as a
SafePay Ransomware Claims Attacks on 73 Organizations Within a Month Read More »
A newly identified cyber threat group known as TAG-150 has quickly established itself as a major security concern. Since March 2025, the group has demonstrated the ability to develop and launch multiple custom-built malware families, showcasing both technical skill and rapid evolution. Their arsenal includes CastleLoader, CastleBot, and the latest addition CastleRAT, a sophisticated Remote
TAG-150 Hackers Use Custom-Built Malware Families to Target Organizations Read More »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed Federal Civilian Executive Branch (FCEB) agencies to urgently patch their Sitecore systems by September 25, 2025, after confirming that a critical flaw is actively being exploited. Details of the Vulnerability The flaw, tracked as CVE-2025-53690, holds a CVSS score of 9.0, marking it as highly
CISA Mandates Urgent Patching of Critical Sitecore Vulnerability Under Active Attack Read More »
A severe security flaw has been discovered in SAP S/4HANA, the widely used Enterprise Resource Planning (ERP) platform. The vulnerability, identified as CVE-2025-42957 with a CVSS score of 9.9, is currently being exploited in real-world attacks. Vulnerability Details This is a command injection vulnerability that affects the function module exposed through Remote Function Calls (RFC).
SAP S/4HANA Critical Flaw CVE-2025-42957 Actively Exploited in the Wild Read More »
Cybersecurity researchers have uncovered a sophisticated phishing campaign abusing Scalable Vector Graphics (SVG) files to spread malicious content disguised as official documents from the Colombian judicial system. According to a report from VirusTotal, the attackers distribute the SVG files through email. These files contain hidden JavaScript code that decodes and loads a Base64-encoded phishing page
VirusTotal Detects 44 SVG Files Abused to Deliver Base64-Encoded Phishing Pages Read More »
Emerging quietly in mid-2025, XWorm has transformed into a highly sophisticated backdoor malware that manipulates both user trust and system conventions to infiltrate networks. Early indications appeared when several organizations reported a surge in phishing emails containing .lnk shortcut files disguised as ordinary documents. Security analysts quickly noticed that opening these shortcuts triggered hidden PowerShell
A new and sophisticated phishing campaign is currently targeting PayPal users, exploiting deceptive emails titled “Set up your account profile” to compromise accounts through a clever secondary user addition scheme. This scam uses advanced email spoofing and psychological manipulation to bypass traditional security measures, marking a notable evolution in online financial fraud. The fraudulent emails
Threat Actors Target PayPal Users with New Account Profile Setup Scam Read More »
Over recent years, Chinese state-backed Advanced Persistent Threat (APT) groups have actively targeted critical flaws in enterprise routers, enabling long-term access to global telecom and government networks. Groups known by names like Salt Typhoon and OPERATOR PANDA have systematically attacked provider edge (PE) and customer edge (CE) devices from top vendors, leveraging publicly disclosed Common
Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Networks Read More »
A large-scale Internet Protocol Television (IPTV) piracy infrastructure has been uncovered, spreading over more than 1,100 domains and more than 10,000 IP addresses. This illegal ecosystem has been running for several years, offering unauthorized streams of premium digital content. The pirated material includes international sports leagues, paid subscription services, and on-demand platforms, all distributed without
Massive IPTV Operation Spans 1,000 Domains and 10,000 IP Addresses Read More »