Exploitation

XWorm 6.0 Resurfaces with Over 35 Plugins, Upgraded Data Theft Features

Cybersecurity experts have closely monitored the development of XWorm malware, which has evolved into a highly adaptable tool capable of executing a broad range of malicious operations on infected systems. Trellix researchers Niranjan Hegde and Sijo Jacob explained, “XWorm’s architecture is modular, consisting of a core client and multiple specialized components known as plugins. Each plugin […]

Microsoft Links Storm-1175 to GoAnywhere Exploit, Medusa Ransomware Deployment

Microsoft has attributed a recent wave of cyberattacks to a threat group identified as Storm-1175, linking it to the exploitation of a critical flaw in Fortra’s GoAnywhere MFT software. The attacks ultimately led to the deployment of Medusa ransomware, affecting several organizations globally. The vulnerability, tracked as CVE-2025-10035 with a CVSS score of 10.0, is

Google Chrome RCE Flaw Disclosed, Exploit Code Published

Researchers have published full technical details and proof-of-concept exploit code for a critical remote code execution (RCE) vulnerability in Google Chrome’s V8 JavaScript engine. The bug stems from a WebAssembly type canonicalization regression that creates nullability confusion, and a separate JavaScript Promise Integration (JSPI) state-switching weakness that enables a novel sandbox bypass. This article explains

Chinese Cybercrime Gang Operates Worldwide SEO Fraud Scheme Through Hacked IIS Servers

A new cybersecurity investigation has revealed a large-scale cyber fraud operation linked to a Chinese-speaking group named UAT-8099. This group is reportedly involved in SEO manipulation, data theft, and unauthorized access to systems via compromised Microsoft IIS servers. The attackers primarily target regions like India, Thailand, Vietnam, Canada, and Brazil, with victims including universities, tech

Fresh Report Connects BIETA and CIII Research Firms to China’s MSS Cyber Activities

A new intelligence report has revealed connections between two Chinese research firms, the Beijing Institute of Electronics Technology and Application (BIETA) and its subsidiary Beijing Sanxin Times Technology Co., Ltd. (CIII), and China’s Ministry of State Security (MSS). According to cybersecurity firm Recorded Future, BIETA appears to be managed or influenced by the MSS based

Oracle Issues Urgent Patch for CVE-2025-61882 Exploited by Cl0p in Data Theft Attacks

Oracle has released an emergency patch to address a serious security vulnerability in its E-Business Suite. The flaw, identified as CVE-2025-61882 with a CVSS score of 9.8, has already been actively exploited in data theft campaigns carried out by the Cl0p ransomware group. Details of the Vulnerability: The issue lies in the Oracle Concurrent Processing

CISA Warns Meteobridge CVE-2025-4008 Vulnerability Is Actively Exploited

Security firm ONEKEY, which discovered and reported the flaw in February 2025, explained that the Meteobridge web application, built using CGI shell scripts and C, exposes a script called template.cgi through the /cgi-bin/template.cgi directory. This script’s insecure use of eval makes it possible for attackers to inject malicious commands through specially crafted requests. For instance,

Hackers Exploit Milesight Routers to Send Phishing SMS to Users in Europe

Unknown threat actors have abused Milesight industrial cellular routers to send phishing SMS messages, or smishing, targeting users across several European countries since at least February 2022. French cybersecurity firm SEKOIA reports that attackers leveraged exposed router APIs to distribute malicious links, with a focus on Sweden, Italy, and Belgium. The campaigns impersonated government services,

Researchers Reveal Google Gemini AI Flaws Enabling Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed a trio of now-patched vulnerabilities, collectively called the Gemini Trifecta, that impacted Google’s Gemini AI suite. If exploited, these flaws could have exposed users to privacy breaches and data theft by turning AI features into attack vectors rather than just targets. The findings underscore a worrying trend, where sophisticated threat actors,

Fortra GoAnywhere CVSS 10 Vulnerability Exploited as Zero-Day Before Disclosure

Cybersecurity firm watchTowr Labs has revealed that attackers began exploiting a severe flaw in Fortra GoAnywhere Managed File Transfer (MFT) software as early as September 10, 2025, a full week before it was publicly disclosed. According to Benjamin Harris, CEO and Founder of watchTowr, this is not simply a CVSS 10.0 vulnerability in software often
