HeartCrypt’s wholesale impersonation effort

Blog

Byadmblake September 26, 2025

How the notorious Packer-as-a-Service operation built itself into a hydra

Blog

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. To that end, Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by July 23, 2025. “CISA is

Read More CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
Blog

Apache Tomcat RCE

What is the Vulnerability?On March 10, 2025, Apache issued a security advisory regarding a critical vulnerability (CVE-2025-24813) affecting the Apache Tomcat web server. This flaw could allow attackers to view or inject arbitrary content into security-sensitive files and potentially achieve remote code execution.Exploit code for this vulnerability is publicly available, and no authentication is required…

Read More Apache Tomcat RCE
Blog

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly three-year campaign. “While earlier operations relied on broad strategic web compromises to compromise legitimate websites, APT24 has recently pivoted to using more sophisticated vectors targeting

Read More APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
Blog

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States. The attack, per the Symantec Threat Hunter Team, part of Broadcom, leveraged CVE-2025-29824, a privilege escalation flaw in the Common Log…

Read More Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Blog

Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android

Google on Thursday announced it’s rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops. “The on-device approach provides instant insight on risky websites and…

Read More Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
Blog

Lazarus Group Hunts European Drone Manufacturing Data

The campaign is the latest effort by the North Korean threat actor to collect data of strategic interest to Pyongyang.

Read More Lazarus Group Hunts European Drone Manufacturing Data

Related