Security researchers have uncovered a widespread campaign where attackers exploited publicly available ASP.NET machine keys to break into Windows IIS web servers, then installed a malicious IIS module to hijack traffic and profit from fake search rankings. The group, tracked as REF3927, leveraged keys published in places like Microsoft documentation and online forums, making many […]
The first day of Pwn2Own Ireland 2025 concluded with remarkable results, as security researchers discovered 34 distinct zero-day vulnerabilities across a variety of smart devices. Every single exploit attempt succeeded, resulting in a total prize payout of $522,500. The event, taking place in Cork, Ireland, from October 21 to 24, brings together elite hackers to
Hackers Exploit 34 Zero-Day Flaws and Earn $522,500 at Pwn2Own Ireland 2025 Read More »
Cybercriminals have compromised the official Xubuntu website, redirecting torrent download links to a malicious ZIP archive that delivers Windows-based malware. The attack, detected on October 18, 2025, underscores ongoing security weaknesses in community-managed Linux distribution platforms, particularly as users shift from outdated operating systems. Instead of legitimate Xubuntu ISO torrents, unsuspecting users were offered a
Threat Actors Breach Xubuntu Website to Distribute Malicious Windows Executable Read More »
Google has issued an emergency security update to fix a high-severity flaw in the V8 JavaScript engine used by the Chrome browser. The patch was released quickly to prevent potential remote code execution (RCE) attacks that could compromise user devices. Discovery of the Vulnerability The flaw, identified as CVE-2025-12036, originates from an improper implementation inside
Vulnerability in Chrome V8 JavaScript Engine Enables Remote Code Execution Read More »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. This update officially confirms that a newly disclosed flaw in Oracle E-Business Suite (EBS) has been weaponized in real-world attacks, posing serious risks to organizations using affected systems. Oracle E-Business Suite Flaws Under Attack
A European telecommunications company has reportedly fallen victim to a cyberattack linked to a China-based espionage group known as Salt Typhoon. The incident, uncovered by Darktrace, occurred in early July 2025 when the attackers exploited a Citrix NetScaler Gateway vulnerability to gain unauthorized access to the organization’s internal network. Salt Typhoon: A Persistent and Evolving
Google’s Threat Intelligence Group (GTIG) has revealed new details about the Russian-linked hacking group known as COLDRIVER, uncovering three newly developed malware families that reflect the group’s increasing cyber activity since May 2025. According to GTIG’s research, COLDRIVER has significantly expanded its malware arsenal just days after its previously known malware, LOSTKEYS, was publicly exposed.
Google Uncovers Three New Russian Malware Families Developed by COLDRIVER Hackers Read More »
Cybersecurity researchers have uncovered the inner workings of a router-focused botnet called PolarEdge, which targets devices from Cisco, ASUS, QNAP, and Synology. First reported by Sekoia in February 2025, PolarEdge uses a TLS-based ELF implant to take control of vulnerable routers and expose them to remote commands, creating a network of compromised devices for purposes
PolarEdge Botnet Expands, Targeting Cisco, ASUS, QNAP, and Synology Routers Read More »
China’s Ministry of State Security (MSS) has accused the United States National Security Agency (NSA) of executing a planned cyberattack against the National Time Service Center (NTSC). The Chinese agency described the U.S. as a “hacker empire” and “the greatest source of chaos in cyberspace.” According to MSS, the attack targeted China’s official time infrastructure,
Cybersecurity researchers have uncovered a fresh phishing campaign that appears aimed at organizations in Russia’s automotive and e-commerce sectors, using a previously unseen .NET implant, named CAPI Backdoor. According to Seqrite Labs, attackers distributed a ZIP attachment to trigger infection, and the ZIP artifact was uploaded to VirusTotal on October 3, 2025. image import–phishing-zip-sample Attack
New .NET CAPI Backdoor Targets Russian Automotive and E-Commerce Firms via Phishing ZIPs Read More »