Putting the dampener on tamperers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Gladinet CentreStack to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2025-30406 (CVSS score: 9.0), concerns a case of a hard-coded cryptographic key that could be abused to achieve…

An impostor who posed as the secretary of state in text and voice communications with diplomats and politicians demonstrates the increased sophistication of and national security threat posed by the AI technology.

A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,” Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign….

A threat actor hacked a version of SonicWall’s NetExtender SSL VPN application in an effort to trick users into installing a Trojanized version of the product.

Though rudimentary and largely non-functional, the wryly named “Skynet” binary could be a harbinger of things to come on the malware front.

An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a “rare dual-threat.” “The ransomware features a ‘wipe mode,’ which permanently erases files, rendering recovery impossible even if the ransom is paid,” Trend Micro researchers Maristel Policarpio, Sarah Pearl Camiling,…