Threats

CVE-2025–27364 in MITRE Caldera: Exploitation of a New Max-Severity RCE Vulnerability via Linker Flag Manipulation Can Lead to Full System Compromise 

/
CVE-2025–27364 in MITRE Caldera

A novel max-severity RCE vulnerability (CVE-2025-27364) in MITRE Caldera poses a serious risk of system compromise. The flaw can also be chained with another Parallels Desktop security issue, CVE-2024-34331, to double the risks of threats. If exploited, these security issues could provide hackers with full system control, causing unauthorized access, data breaches, and further lateral […]

The post CVE-2025–27364 in MITRE Caldera: Exploitation of a New Max-Severity RCE Vulnerability via Linker Flag Manipulation Can Lead to Full System Compromise  appeared first on SOC Prime.

News & Updates

5 Active Malware Campaigns in Q1 2025

/
The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods.
Below is an overview of five notable malware families, accompanied by analyses conducted in controlled environments.
NetSupport RAT Exploiting the ClickFix Technique
In early 2025, threat actors began exploiting a technique
News & Updates

2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT

/
A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice’s product suite to sidestep detection efforts and deliver the Gh0st RAT malware.
“To further evade detection, the attackers deliberately generated multiple variants (with different hashes) of the 2.0.2 driver by modifying specific PE parts while keeping the signature valid,” Check Point
News & Updates

GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets

/
Cybersecurity researchers are calling attention to an ongoing campaign that’s targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub.
The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky.
“The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables
Scroll to Top