Lumma Stealer, coming and going
The high-profile information stealer switches up its TTPs, but keeps the CAPTCHA tactic; we take a deep dive
As package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.
A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware. The vulnerability in question is CVE-2025-32432, a maximum severity flaw in Craft CMS that was patched…
The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of these vulnerabilities lies Identity—the gateway to enterprise security and the number one…
Microsoft throws a farewell party for Win10, Office 2016, and Office 2019… a very big party
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are below – checker-SaGaF (2,605 downloads) steinlurks (1,049 downloads) sinnercore (3,300…
RondoDox takes a hit-and-run, shotgun approach to exploiting bugs in consumer edge devices around the world.