Microsoft primes 71 fixes for May Patch Tuesday

Blog

Byadmblake May 14, 2025

Five issues actively exploited in the wild, but the real excitement may have been handled in advance

Blog

⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More

If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too late. This is how attacks happen now—quiet, convincing, and fast. Defenders aren’t just chasing hackers anymore—they’re struggling to trust what…

Read More ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
Blog

Sharing of Telegram User Data Surged After CEO Arrest

Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August.

Read More Sharing of Telegram User Data Surged After CEO Arrest
Blog

Palo Alto PAN-OS Authentication Bypass

What is the Vulnerability? A recent authentication bypass vulnerability (CVE-2025-0108) in the Palo Alto Networks PAN-OS software is under active exploitation as has been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog. Successful exploitation of CVE-2025-0108 enables an unauthenticated attacker with network access to the management web interface to bypass the authentication required by the…

Read More Palo Alto PAN-OS Authentication Bypass
Blog

UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns

Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber espionage campaign. “This threat entity demonstrates a strong preference for using shortcut files (LNK), VBScript, and post-exploitation tools such as Cobalt Strike and Metasploit, while…

Read More UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
Blog

U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues

The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios. The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app’s security. “The Office of Cybersecurity has deemed WhatsApp a high-risk to…

Read More U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
Blog

‘Jingle Thief’ Highlights Retail Cyber Threats

A Morocco-based gift card fraud campaign is a sign of what retailers can expect this holiday season.

Read More ‘Jingle Thief’ Highlights Retail Cyber Threats

Related