Zeljka Zorz
CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian …
Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480)
Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform while it was still a zero-day, …
Attackers upgrade ClickFix with tricks used by online stores
Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware …
Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)
Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass …
SonicWall cloud backup hack was the work of a state actor
Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored …
Google uncovers malware using LLMs to operate and evade detection
PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated …
Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
On Tuesday, CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-11371, which affects Gladinet’s CentreStack and Triofox file-sharing …
Cybercriminals exploit RMM tools to steal real-world cargo
Cybercriminals are compromising logistics and trucking companies by tricking them into installing remote monitoring and management (RMM) tools, Proofpoint researchers warned. …
Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
A ransomware negotiator and an incident response manager have been indicted in Florida for allegedly conspiring to deploy the ALPHV/BlackCat ransomware against multiple US …
Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite …
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues …
CISA and partners take action as Microsoft Exchange security risks mount
In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined …