GOLD SALEM tradecraft for deploying Warlock ransomware

Blog

Byadmblake December 11, 2025

Analysis of the tradecraft evolution across 6 months and 11 incidents

Blog

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to

Read More China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Blog

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 (CVSS score: 8.8), relates to a case of command injection that allows post-authentication remote code

Read More CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
Blog

CISA Cuts: A Dangerous Gamble in a Dangerous World

The Cybersecurity and Infrastructure Security Agency’s role in risk management needs to expand, not shrink.

Read More CISA Cuts: A Dangerous Gamble in a Dangerous World
Blog

Harmonic Security Raises $17.5M Series A to Accelerate Zero-Touch Data Protection to Market

Post Content

Read More Harmonic Security Raises $17.5M Series A to Accelerate Zero-Touch Data Protection to Market
Blog

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on—and in some cases, they started attacking before a fix was even ready. Below, we list the urgent updates you need…

Read More ⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
Blog

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according to ACROS Security’s 0patch. The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that…

Read More Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Related