Sophos Firewall v21.5: NDR Essentials

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix…

Researchers at security vendor Cleafy detailed a malware known as “SuperCard X” that uses the NFC reader on a victim’s own phone to steal credit card funds instantly.

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. “The legitimate application used in the attack, jarsigner, is a file created during the installation of the IDE package distributed by the Eclipse Foundation,” the AhnLab SEcurity Intelligence…

Multiple threat activity clusters with ties to North Korea (aka Democratic People’s Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. “The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North…

Several npm packages for SAP’s cloud application development ecosystem have been compromised as TeamPCP’s supply chain attacks broaden.