Exploitation

TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A team of academic researchers from Georgia Tech, Purdue University, and Synkhronix has developed TEE.Fail, a practical side-channel method that can extract secrets from processor-based trusted execution environments, including Intel SGX, Intel TDX, AMD SEV-SNP, and Ciphertext Hiding. The technique uses inexpensive, off-the-shelf electronics to inspect DDR5 memory traffic, exposing weaknesses in current CPU TEE […]

TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves Read More »

Chrome Zero-Day Exploited to Deploy LeetAgent Spyware by Italian Memento Labs

A newly uncovered cyber espionage operation has revealed that a now-patched Google Chrome zero-day vulnerability was exploited to deploy a sophisticated spyware known as LeetAgent. According to research from Kaspersky, the operation has been linked to the Italian IT and security firm Memento Labs, known for developing surveillance tools. Operation ForumTroll and the Chrome Vulnerability

Chrome Zero-Day Exploited to Deploy LeetAgent Spyware by Italian Memento Labs Read More »

ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

Cybersecurity experts have uncovered a serious vulnerability in OpenAI’s ChatGPT Atlas browser, which could let attackers inject malicious commands into the AI assistant’s memory and execute unauthorized code. According to Or Eshed, Co-Founder and CEO of LayerX Security, “This exploit enables cybercriminals to implant harmful code, elevate privileges, or deploy malware on targeted systems,” as

ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands Read More »

Qilin Ransomware Uses Linux Payload and BYOVD Exploit in Sophisticated Hybrid Attack

Qilin, also tracked as Agenda, Gold Feather, and Water Galura, has become one of the most active ransomware-as-a-service operations since mid-2022. In 2025 the group averaged more than 40 victims per month, peaking at around 100 data-leak posts in June, and reaching 84 victims in both August and September 2025. Cisco Talos data shows significant

Qilin Ransomware Uses Linux Payload and BYOVD Exploit in Sophisticated Hybrid Attack Read More »

Over 706,000 BIND 9 Resolver Instances Exposed Online and Vulnerable to Cache Poisoning, PoC Released

A critical flaw has been uncovered in BIND 9 resolvers, which could allow attackers to poison DNS caches and redirect users to malicious domains. The vulnerability, tracked as CVE-2025-40778, affects more than 706,000 publicly exposed instances worldwide, according to data from internet scanning company Censys. With a CVSS score of 8.6, the bug arises from

Over 706,000 BIND 9 Resolver Instances Exposed Online and Vulnerable to Cache Poisoning, PoC Released Read More »

Newly Patched Critical Microsoft WSUS Vulnerability Actively Exploited

Microsoft has released an urgent out-of-band security update to address a critical vulnerability in Windows Server Update Services (WSUS). This flaw, identified as CVE-2025-59287, has a high CVSS score of 9.8 and is being actively exploited, with a publicly available proof-of-concept (PoC) already circulating. The vulnerability is a remote code execution (RCE) issue affecting WSUS

Newly Patched Critical Microsoft WSUS Vulnerability Actively Exploited Read More »

CISA Confirms Active Exploitation of Critical Lanscope Endpoint Manager Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog. According to the agency, the flaw has been actively exploited in the wild, posing a significant risk to organizations using unpatched versions. Identified as CVE-2025-61932 and rated 9.3 (CVSS

CISA Confirms Active Exploitation of Critical Lanscope Endpoint Manager Vulnerability Read More »

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Shortly After Microsoft’s July Patch

Chinese-linked threat actors have quickly exploited the ToolShell security vulnerability in Microsoft SharePoint, targeting multiple organizations across the globe shortly after Microsoft patched the flaw in July 2025. This series of attacks highlights the speed and sophistication of threat actors in leveraging newly disclosed vulnerabilities for espionage and cybercrime. The initial breach affected a telecommunications

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Shortly After Microsoft’s July Patch Read More »

Azure Apps Vulnerability Allows Attackers to Create Malicious Apps That Impersonate Microsoft Teams

Security researchers have discovered vulnerabilities in Microsoft’s Azure ecosystem that allow attackers to create fraudulent applications that look like official services, including Microsoft Teams and the Azure Portal. Unicode Trick Bypasses Safeguards Varonis identified that Azure’s protection mechanisms, which prevent reserved names in cross-tenant apps, can be circumvented by inserting invisible Unicode characters. Attackers used

Azure Apps Vulnerability Allows Attackers to Create Malicious Apps That Impersonate Microsoft Teams Read More »

Zyxel Authorization Bypass Vulnerability Lets Attackers View and Download System Configurations

A serious security flaw has been discovered in Zyxel’s ATP and USG series network security appliances, enabling attackers to bypass two-factor authentication and access sensitive system configurations without authorization. Identified as CVE-2025-9133, this vulnerability impacts devices running ZLD firmware version 5.40 and was publicly disclosed on October 21, 2025, following a coordinated disclosure. The flaw

Zyxel Authorization Bypass Vulnerability Lets Attackers View and Download System Configurations Read More »