CVE-2025-26465 & CVE-2025-26466 Vulnerabilities Expose Systems to Man-in-the-Middle and DoS Attacks
Two newly uncovered security flaws in the open-source OpenSSH suite tracked as CVE-2025-26465 and CVE-2025-26466 could enable adversaries to launch…
Threats
CVE-2025-1094 Exploitation, a Critical SQL Injection Vulnerability in PostgreSQL That Can Lead to Arbitrary Code Execution
A novel PostgreSQL flaw, CVE-2025-1094, has hit the headlines. Defenders recently revealed that attackers responsible for weaponizing a BeyondTrust zero-day…
RedCurl/EarthKapre APT Attack Detection: A Sophisticated Cyber-Espionage Group Uses a Legitimate Adobe Executable to Deploy a Loader
The nefarious cyber-espionage hacking collective tracked as EarthKapre or RedCurl APT has resurfaced to target legal sector organizations using Indeed-themed…
Sandworm APT Attacks Detection: russian State-Sponsored Hackers Deploy Malicious Windows KMS Activators to Target Ukraine
For over a decade, russia-backed Sandworm APT group (also tracked as UAC-0145, APT44) has consistently targeted Ukrainian organizations, with a…
XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities
XE Group, likely a Vietnam-linked hacking collective that has been active in the cyber threat arena for over a decade…
CVE-2025-0411 Detection: russian Cybercrime Groups Rely on Zero-Day Vulnerability in 7-Zip to Target Ukrainian Organizations
Since a full-scale invasion of Ukraine, cybercriminal groups of russian origin have relentlessly targeted the Ukrainian state bodies and business…
CVE-2025-21293 Detection: PoC Exploit Released for a Privilege Escalation Vulnerability in Active Directory Domain Services
Shortly after the critical zero-click OLE vulnerability in Microsoft Outlook (CVE-2025-21298), yet another dangerous security threat has come to light.…
Lumma Stealer Detection: Sophisticated Campaign Using GitHub Infrastructure to Spread SectopRAT, Vidar, Cobeacon, and Other Types of Malware
Lumma Stealer, nefarious info-stealing malware, resurfaces in the cyber threat arena. Defenders recently uncovered an advanced adversary campaign distributing Lumma…
TorNet Backdoor Detection: An Ongoing Phishing Email Campaign Uses PureCrypter Malware to Drop Other Payloads
Financially motivated hackers are behind an ongoing malicious campaign targeting Poland and Germany. These phishing attacks aim to deploy multiple…
CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380 Detection: CISA and FBI Warn Defenders of Two Exploit Chains Using Critical Ivanti CSA Vulnerabilities
Defenders shed light on a set of vulnerabilities in Ivanti Cloud Service Appliances (CSA) that can be chained for further…