Collaborate Disseminate
The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in Europe and North America, and they dubbed it Laundry Bear. “Compared to … Continue reading Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group
Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec … Continue reading Vulnerabilities found in NASA’s open source software
CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti last week – are being leveraged by a Chinese cyber espionage group that … Continue reading Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, seem AI-m… Continue reading TikTok videos + ClickFix tactic = Malware infection
Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet and indicting the leaders of both the DanaBot and Qakbot Malware-as-a-Service … Continue reading DanaBot botnet disrupted, QakBot leader indicted
Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet and indicting the leaders of both the DanaBot and Qakbot Malware-as-a-Service … Continue reading DanaBot botnet disrupted, QakBot leader indicted
A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The [“BadSuccessor”] attack exploits the delegated Managed Service Account… Continue reading Unpatched Windows Server vulnerability allows full domain compromise
Signal has released a new version of its end-to-end encrypted communication app for Windows that prevents Microsoft Recall and users from screenshotting text-based conversations happening in the app. The new “Screen security” setting is enabled by defa… Continue reading Signal blocks Microsoft Recall from screenshotting conversations
A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma St… Continue reading Lumma Stealer Malware-as-a-Service operation disrupted
Developers who specialize in writing smart (primarily Ethereum) contracts using the Solidity programming language have been targeted via malicious VS Code extensions that install malware that steals cryptocurrency wallet credentials. “Based on sh… Continue reading Data-stealing VS Code extensions removed from official Marketplace