Author Archives: Zeljka Zorz

Fake Booking.com emails and BSODs used to infect hospitality staff

Posted on by

Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake “Blue Screen of Death” to deliver the DCRat malware. The malware delivery campaign starts with phishing emails that feature room charge… Continue reading Fake Booking.com emails and BSODs used to infect hospitality staff

Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits

Posted on by

Malware peddlers are targeting infosec enthusiasts, budding security professionals, and aspiring hackers with the Webrat malware, masquerading the threat as proof-of-concept (PoC) exploits for known vulnerabilities. Delivering the malware The recently … Continue reading Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits

WatchGuard Firebox firewalls under attack (CVE-2025-14733)

Posted on by

More than 115,000 internet-facing WatchGuard Firebox firewalls may be vulnerable to compromise via CVE-2025-14733, a remote code execution vulnerability actively targeted by attackers, Shadowserver’s latest scanning reveals. About CVE-2025-14733 … Continue reading WatchGuard Firebox firewalls under attack (CVE-2025-14733)

Crypto theft in 2025: North Korean hackers continue to dominate

Posted on by

When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new Chainalysis report on crypto theft in 2025 revealed. “North Korean hackers… Continue reading Crypto theft in 2025: North Korean hackers continue to dominate

Microsoft 365 users targeted in device code phishing attacks

Posted on by

Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device authorization grant flow by presenting user… Continue reading Microsoft 365 users targeted in device code phishing attacks

Cisco email security appliances rooted and backdoored via still unpatched zero-day

Posted on by

A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November 2025, Cisco Talos researchers have shared. “Our analysis indicates that ap… Continue reading Cisco email security appliances rooted and backdoored via still unpatched zero-day

Actively exploited SonicWall zero-day patched (CVE-2025-40602)

Posted on by

SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the provided hotfix, as the flaw is being leveraged by attackers. “This vu… Continue reading Actively exploited SonicWall zero-day patched (CVE-2025-40602)

Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)

Posted on by

Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system configuration files, Arctic Wolf researchers war… Continue reading Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)