In what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google’s infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. “The first thing to note is that this is a valid, signed email – it really…
Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it’s also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and…
The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. “Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company,” the Symantec Threat Hunter Team said in…
What is the Vulnerability? A critical SSH vulnerability has recently been identified in the Erlang/Open Telecom Platform (OTP). The vulnerability, tracked as CVE-2025-32433, has been assigned a CVSS score of 10.0. It is unauthenticated, remotely exploitable, and requires low complexity to execute.Erlang/OTP is commonly found in IoT devices and telecommunications platforms, and is prominently used…
Since January, threat actors distributing the malware have notched up more than 100 victims.
The threat actor uses sophisticated social engineering techniques to infect a victim’s device, either with an infostealer or remote access Trojan (RAT).
Cyberthreat groups increasingly see small and medium-sized businesses, especially those with links to larger businesses, as the weak link in the supply chain for software and IT services.
Cybersecurity firms tend to be more software- and service-oriented than their peers, and threats tend to increase during a downturn, leaving analysts hopeful that the industry will buck a recession.
Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). “In some systems, initial access was gained through
The vulnerability is only found in the vendor’s router series and can be triggered by an attacker using a crafted request — all of which helps make it a highly critical vulnerability with a 9.2 CVSS score.