Collaborate Disseminate
Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix for CVE-2025-59287, a Window… Continue reading Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a group of current and former cybersecurity officials, analysts, and researchers ta… Continue reading Sanctions won’t stop cyberattacks, but they can still “bite”
The Python Software Foundation (PSF) has rejected a $1.5 million government grant due to restrictive conditions that would force the foundation to betray its mission and its community, the programming non-profit announced on Monday. “In January 2… Continue reading Python Foundation rejects US government grant earmarked for security improvements
A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache poisoning, allowing them to redirect Internet traffic to potentially malicious sit… Continue reading PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)
CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the malware’s co… Continue reading Italian-made spyware Dante linked to Chrome zero-day exploitation campaign
Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according to Coveware. “C… Continue reading Ransomware, extortion groups adapt as payment rates reach historic lows
Microsoft has released an out-of-band security update that “comprehensively” addresses CVE-2025-59287, a remote code execution vulnerability in the Windows Server Update Services (WSUS) that is reportedly being exploited in the wild. About … Continue reading Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change affects the file management tool’s Preview Pane, which lets users see the con… Continue reading Microsoft blocks risky file previews in Windows File Explorer
Check Point researchers have uncovered, mapped and helped set back a stealthy, large-scale malware distribution operation on YouTube they dubbed the “YouTube Ghost Network.” The network published more than 3,000 videos across compromised or… Continue reading Researchers expose large-scale YouTube malware distribution network
CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day since April 2025, the Japan Computer Emergency Response Team Coordination Ce… Continue reading Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)