Threats

CVE-2025-8088 Detection: WinRAR Zero-Day Is Actively Exploited in the Wild to Install RomCom Malware

As summer reaches its peak, the cyber threat landscape is heating up just as fast. Following the recent disclosure of CVE-2025-8292, a use-after-free vulnerability in Chrome’s Media Stream, security researchers have uncovered active exploitation of a novel WinRAR zero-day to deliver RomCom malware. Tracked as CVE-2025-8088, this path traversal flaw in the Windows version of […]

The post CVE-2025-8088 Detection: WinRAR Zero-Day Is Actively Exploited in the Wild to Install RomCom Malware appeared first on SOC Prime.

UAC-0099 Attack Detection: Hackers Target Government and Defense Agencies in Ukraine Using MATCHBOIL, MATCHWOK, and DRAGSTARE Malware

The UAC-0099 hacking collective, active in cyber-espionage campaigns against Ukraine since mid-2022, has reemerged in the cyber threat arena. The CERT-UA team has recently investigated a series of cyber-attacks linked to the UAC-0099 group targeting government authorities, defense forces, and enterprises within Ukraine’s defense industry sector, leveraging the MATCHBOIL loader, the MATCHWOK backdoor, and the […]

Secret Blizzard Attack Detection: russia-Backed APT Targets Foreign Embassies in Moscow With ApolloShadow Malware

russia-affiliated hacking groups remain a major global threat, continuously adapting their tactics to serve Moscow’s geopolitical interests. As international tensions escalate, these government-linked actors are expanding their focus, targeting high-profile organizations worldwide. In its latest report, the Microsoft Threat Intelligence team highlights recent activity from Secret Blizzard (aka Turla, UAC-0024), which is now targeting foreign […]

CVE-2025-8292: Use-After-Free Vulnerability in Google Chrome Leads to RCE and System Compromise

After Microsoft’s recent patch for two critical zero-day vulnerabilities in SharePoint (CVE-2025-53770, CVE-2025-53771), Google has followed with its own urgent response. The tech giant has issued a Chrome security update to address multiple flaws, including a severe use-after-free vulnerability in the Media Stream component (CVE-2025-8292). This high-risk bug is easy to exploit, requires no authentication, and […]

Koske Malware Detection: New AI-Generated Linux Threat in the Wild

Attackers are increasingly leveraging AI to compromise critical business assets, signaling a dangerous evolution in the threat landscape. Check Point Research’s AI Security Report 2025 highlights how threat actors are using AI for deepfake impersonation, automated malware creation, jailbroken LLMs, and generative disinformation campaigns. Following the campaigns involving AI lures to disseminate CyberLock, Lucky_Gh0$t, and […]

Epsilon Red Ransomware Detection: New Adversary Campaign Targeting Users Globally via ClickFix

Following closely after the Interlock ransomware attacks that used a new custom RAT delivered through a modified ClickFix variant called FileFix, a new malicious campaign has emerged, also leveraging a ClickFix-themed malware delivery website. Defenders have uncovered a novel global Epsilon Red ransomware operation that began in July 2025, in which attackers use fake ClickFix […]

Interlock Ransomware Detection: The FBI, CISA, and Partners Issue Joint Alert on Massive Attacks via the ClickFix Social Engineering Technique

In mid-July 2025, researchers spread the news of the reemergence of the Interlock ransomware group, leveraging a modified version of the ClickFix malware to deliver a novel PHP-based iteration of their custom RAT. In response to the growing threat, the authoring agencies, including the FBI and CISA, have recently issued a joint cybersecurity alert notifying […]

CVE-2025-53770 Detection: Microsoft SharePoint Zero-Day Vulnerability Is Actively Exploited for RCE Attacks

This summer saw a surge of critical vulnerabilities impacting Microsoft products. A new RCE vulnerability in Windows, tracked as CVE-2025-33053, had been actively weaponized by the Stealth Falcon APT group. At the same time, another severe flaw, dubbed EchoLeak (CVE-2025-32711), was uncovered in Microsoft Copilot, enabling silent data exfiltration via email with no user interaction […]

UAC-0001 (APT28) Attack Detection: The russia-Backed Actor Uses LLM-Powered LAMEHUG Malware to Target Security and Defense Sector

The notorious russian state-sponsored threat group UAC-0001 (also tracked as APT28) has once again surfaced in the cyber threat landscape. After CERT-UA’s late June alert exposing the group’s use of the COVENANT framework and the BEARDSHELL backdoor, UAC-0001 has maintained its focus on Ukraine. CERT-UA now reports a new wave of cyber-attacks targeting the security […]

CVE-2025-6558 Vulnerability: Google Chrome Zero-Day Under Active Exploitation

As the summer heat continues to climb, so does the surge of critical vulnerabilities in popular software products, intensifying the global cyber threat landscape. Hot on the heels of the disclosure of CVE-2025-25257, a critical flaw in Fortinet’s FortiWeb web application firewall, another high-impact vulnerability has emerged. Adversaries are exploiting a critical zero-day vulnerability in […]
