IronHusky APT Revives MysterySnail RAT

Kaspersky cybersecurity researchers have found new attacks using an improved variant of the long-dormant MysterySnail RAT — a sophisticated remote access trojan first discovered in 2021 while it was exploiting the zero-day vulnerability CVE-2021-40449. This RAT is attributed to the Chinese-speaking APT group IronHusky. Now it seems IronHusky APT has revived MysterySnail RAT to target governments in Mongolia … Continued

CISA Warns of Actively Exploited Vulnerability in SonicWall SMA Devices

Category: Vulnerabilities | Network Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security vulnerability affecting SonicWall Secure Mobile Access (SMA) 100 Series devices to its Known Exploited Vulnerabilities (KEV) catalog, following confirmed reports of real-world exploitation. This high-severity flaw, tracked as CVE-2021-20035 with a CVSS score of 7.2, is an … Continued

NTLM Vulnerability CVE-2025-24054 Actively Exploited in the Wild

A newly discovered Windows vulnerability, tracked as CVE-2025-24054, is being actively exploited in the wild, prompting urgent warnings from security researchers. This flaw allows attackers to leak NTLMv2-SSP hashes using .library-ms files, exposing users to credential theft, lateral movement, and full domain compromise. Though it was fixed by Microsoft on March 11, 2025, threat actors began … Continued

Apple Releases Critical Security Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Apple on Wednesday issued emergency security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to fix two newly discovered vulnerabilities that the company says are being actively exploited in the wild. The flaws—both considered high-risk—have been tracked as CVE-2025-31200 and CVE-2025-31201. CVE-2025-31200 (CVSS score: 7.5): A memory corruption vulnerability within the Core Audio framework. … Continued

BreachForums Seized or DDoSed?

Yesterday, out of the blue, the infamous and notorious cybercrime marketplace BreachForums went inactive. The site has been a hub for high-profile data leaks, including a recent wave of hacks involving threat actors aligned with Algeria and Morocco, which we reported just last week.

Background

BreachForums operated both on the clear web and as a … Continued

China Accuses NSA of Cyberattacks on Asian Winter Games

Chinese authorities have accused the U.S. National Security Agency (NSA) of orchestrating a series of cyberattacks targeting the 2025 Asian Winter Games in Harbin and related critical infrastructure across Heilongjiang Province. In an unprecedented move, local police issued a public bounty for three alleged NSA operatives.

Why it Matters

This is not the first time … Continued

Conduent Confirms Client Data Stolen in Cyberattack

A cyberattack earlier this year on Conduent, a major American business services provider and government contractor, resulted in the theft of customer data. A recent filing with the U.S. Securities and Exchange Commission (SEC) revealed that threat actors were able to exfiltrate a set of files containing sensitive information associated with a limited number of … Continued

Critical 0-Day Vulnerability in Gladinet CentreStack and Triofox Exploited in the Wild

Huntress issued an alert following the discovery of active exploitation of a newly disclosed zero-day vulnerability (CVE-2025-30406) in Gladinet’s CentreStack and Triofox platforms. The vulnerability, marked as critical (CVSS 9.0), allows unauthenticated remote code execution through cryptographic keys present in configuration files.

Gladinet CentreStack and Triofox Exploited in the Wild

The first known exploit attempt occurred … Continued

Researchers Uncover 10 Security Flaws in Perplexity AI Chatbot

Security researchers from Appknox have found 10 serious vulnerabilities in Perplexity AI chatbot’s Android application. The flaws — some of which are shared with other AI chatbots — prompted security researchers to urge users to uninstall the app until fixes are implemented.

Researchers Uncover 10 Security Flaws in Perplexity AI Chatbot

Appknox found twice as … Continued

Tycoon 2FA Phishing Kit Evolves with New Evasion Tactics to Bypass Detection

The notorious Phishing-as-a-Service (PhaaS) platform Tycoon 2FA has introduced several new evasion techniques to bypass EDR solutions and detection mechanisms. The Tycoon 2FA kit uses a custom CAPTCHA rendered using HTML5 canvas, Unicode characters in obfuscated JavaScript, and anti-debugging scripts to bypass detection mechanisms and EDR.

Technical analysis

Tycoon2FA was initially by Sekoia researchers in October 2023. … Continued
