Exploitation

Zero-Click Samsung Flaw Used to Deliver LANDFALL Android Spyware Through WhatsApp

A critical security vulnerability in Samsung Galaxy Android devices was exploited as a zero-day to deploy a sophisticated commercial-grade spyware known as LANDFALL. The targeted attacks, focused in the Middle East, used a specially crafted image file sent through WhatsApp to compromise devices without any user interaction. The Exploited Vulnerability and Its Patch The flaw, […]

China’s Hackers Repurpose Legacy Flaws, from Log4j to IIS, into Global Espionage Tools

Chinese state-aligned hacking groups continue to rely on long-standing software vulnerabilities to conduct stealthy cyber operations across the globe. A recent incident involving a U.S.-based nonprofit organization shows how older flaws such as Log4j, Atlassian, Struts, and IIS weaknesses are still being reused to gain long-term access for intelligence gathering.

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

In a sophisticated evasion technique, the Russia-aligned threat actor known as Curly COMrades is now exploiting Windows’ native Hyper-V virtualization to create a hidden Linux environment. This covert space is used to host custom malware, effectively bypassing traditional Endpoint Detection and Response (EDR) security measures. A Hidden Virtual Environment for Stealthy Operations According to a

Cisco Alerts Users to New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362

Cisco has issued a critical security alert, warning users of a new attack variant targeting its Secure Firewall appliances. This campaign exploits two specific vulnerabilities, CVE-2025-20333 and CVE-2025-20362, which can cause unpatched devices to crash and create a denial-of-service (DoS) condition, disrupting network operations. Exploited Vulnerabilities in Firewall Software The networking giant disclosed that it

Critical React Native CLI Vulnerability Exposed Millions of Developers to Remote Attacks

A critical security vulnerability, tracked as CVE-2025-11953, has been discovered and patched in the widely used @react-native-community/cli npm package. This flaw could have allowed remote, unauthenticated attackers to execute arbitrary operating system commands on a developer’s machine, posing a severe risk to the software development ecosystem. Vulnerability Overview and Severity The vulnerability received the highest severity rating with

Microsoft Teams Vulnerabilities Allow Attackers to Impersonate Colleagues and Edit Messages Undetected

Security researchers have uncovered a set of critical vulnerabilities within Microsoft Teams that could have allowed attackers to manipulate conversations, impersonate trusted colleagues, and exploit notifications to launch sophisticated social engineering attacks. These flaws fundamentally undermined the trust users place in the platform’s communication integrity. The Core Vulnerabilities: A Breakdown of the Threats Discovered by

Russian Ransomware Groups Weaponize Open-Source AdaptixC2 for Advanced Attacks

A powerful open-source command-and-control (C2) framework named AdaptixC2 is rapidly being adopted by a wide range of cybercriminals, with strong links to Russian ransomware operations. This trend highlights the ongoing weaponization of legitimate security tools by threat actors to conduct more advanced and evasive attacks. What is AdaptixC2? AdaptixC2 is an emerging, extensible post-exploitation framework

China-Linked Hackers Exploit Windows Shortcut Vulnerability to Target European Diplomats

A China-affiliated cyber espionage group, tracked as UNC6384, has been discovered conducting a sophisticated campaign targeting European diplomatic and government entities. The attacks, occurring between September and October 2025, exploit an unpatched Windows shortcut vulnerability to deploy the notorious PlugX remote access trojan on victim systems. Strategic Targeting of European Diplomacy According to a technical

CISA and NSA Release Critical Security Guidance for WSUS and Microsoft Exchange Servers

In a joint cybersecurity advisory, U.S. and international agencies have released critical guidance to help organizations fortify their on-premise Microsoft Exchange Server environments against persistent threats. The guidance emphasizes that unprotected and misconfigured instances remain prime targets for malicious actors and outlines a comprehensive strategy to secure these vital communication hubs. A Unified Call to

CISA Confirms Active Exploitation of Critical Vulnerabilities in Dassault and XWiki

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially confirmed that threat actors are actively exploiting critical security vulnerabilities in two widely used enterprise platforms: Dassault Systèmes’ DELMIA Apriso and the open-source XWiki. These flaws grant attackers the ability to execute arbitrary code and seize control of affected systems, prompting urgent calls for patching.
