The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. “LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker,” the Google Threat
The Iranian state-backed group targeted the operational technology of a critical national infrastructure (CNI) network and persisted in its network for years, but ultimately failed.
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. “This vulnerability is due to the presence of a…
What is the Vulnerability?CVE-2025-22457 is identified as a buffer overflow vulnerability affecting Ivanti Connect Secure, Policy Secure and ZTA Gateways. If successfully exploited, can result in remote code execution. This exploitation poses significant risks, potentially allowing unauthorized remote access to systems.The Google Threat Intelligence Group (GTIG) has linked the exploitation of CVE-2025-22457 and the subsequent…
Japan is being peppered with an overwhelming volume of spam, thanks to a new platform popular across the East China Sea.
Microsoft researchers identify 10 new potential pitfalls for companies who are developing or deploying agentic AI systems, with failures potentially leading to the AI becoming a malicious insider.
European regulators sent an unmistakable message about messing around with GDPR-protected data. How can organizations avoid similar compliance hassles?
The spyware company must pay the tech giant $168 million in punitive and compensatory damages after a 2019 attack targeting 1,400 devices.
Previously, Microsoft reported that Storm-2460 had also used the privilege escalation bug to deploy ransomware on organizations in several countries.
Researchers from Aon’s Stroz Friedberg incident response firm discovered a new attack type, known as “Bring Your Own Installer,” targeting misconfigured SentinelOne EDR installs.