
DATE | NAME | Info | CATEG. | WEB
1.6.25 | New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora | Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, | Vulnerability | The Hacker News
1.6.25 | U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation | A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that | CyberCrime | The Hacker News
1.6.25 | Infostealer Malware FormBook Spread via Phishing Campaign – Part II | Learn how the FormBook payload operates on a compromised machine, including the complicated anti-analysis techniques employed by this variant. | Malware blog | FORTINET
1.6.25 | Storm-0558 and the Dangers of Cross-Tenant Token Forgery | Modern cloud ecosystems often place a single identity provider in charge of handling logins and tokens for a wide range of customers. | Hacking blog | TRUSTWAVE
1.6.25 | U.S. Treasury Sanctions FUNNULL CDN, FBI Issues Advisory Warning Against Major Cyber Scam Facilitator | The U.S. Department of the Treasury sanctioned Chinese-based content delivery network (CDN), FUNNULL, labeling it as a major distributor of online scams. The FBI concurrently released an advisory report to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to FUNNULL. | Spam blog | Silent Push
1.6.25 | Lumma Infostealer – Down but Not Out? | The takedown achieved a significant disruption to Lumma infostealers’ infrastructure, but likely didn’t permanently affect most of its Russia-hosted infrastructure. | Malware blog | Checkpoint
1.6.25 | The Week in Vulnerabilities: Cyble Sensors Detect Attack Attempts on SAP, Ivanti | Attack attempts picked up by Cyble Sensors’ honeypots highlight threat actors’ resourcefulness and the need for strong security defenses. | Vulnerability blog | Cyble
1.6.25 | CISA Updates Advisory for Active Exploitation Targeting Commvault Metallic SaaS Cloud Platform | CISA issues urgent update on threats targeting Commvault’s Metallic SaaS platform, widely used for Microsoft 365 backups. | Exploit blog | Cyble
1.6.25 | FBI Warns Silent Ransom Group Targeting U.S. Law Firms Using Social Engineering and Callback Phishing | The U.S. Federal Bureau of Investigation (FBI) has issued a fresh alert warning law firms and cybersecurity professionals about ongoing cyber threat activity linked to the Silent Ransom Group (SRG)—also known as Luna Moth, Chatty Spider, or UNC3753. | Ransom blog | Cyble
1.6.25 | Lyrix Ransomware | EXECUTIVE SUMMARY CYFIRMA’s research team discovered Lyrix Ransomware while monitoring underground forums as part of our Threat Discovery Process. Developed in Python and | Ransom blog | Cyfirma
1.6.25 | Windows 11 Migration: Navigating the Hardware-Driven Challenges | The clock is ticking. With Microsoft ending Windows 10 support on October 25, 2025—just six months away—organizations worldwide are racing against time to complete their Windows 11 migration. | OS Blog | Eclypsium
1.6.25 | Enhanced Threat Detection: Bootloaders, Bootkits, and Secure Boot | The attack surface Eclypsium set out to defend extends to areas in our systems that many security teams and monitoring tools are either overlooking or trusting someone else has secured for them. | Malware blog | Eclypsium
1.6.25 | Trend Micro Leading the Fight to Secure AI | New MITRE ATLAS submission helps strengthen organizations’ cyber resilience | AI blog | Trend Micro
1.6.25 | Earth Lamia Develops Custom Arsenal to Target Multiple Industries | Trend™ Research has been tracking an active APT threat actor named Earth Lamia, targeting multiple industries in Brazil, India and Southeast Asia countries at least since 2023. The threat actor primarily exploits vulnerabilities in web applications to gain access to targeted organizations. | APT blog | Trend Micro
1.6.25 | NightSpire Ransomware Encrypts Cloud-Stored OneDrive Files | This week, the SonicWall Capture Labs threat research team analyzed a ransomware variant known as NightSpire. While its behavior is typical of most ransomware—encrypting user files and providing recovery instructions via a text file—what makes NightSpire especially concerning is its rapid growth. | Ransom blog | SonicWall
1.6.25 | Cybercriminals camouflaging threats as AI tool installers | Cisco Talos has uncovered new threats, including ransomware like CyberLock and Lucky_Gh0$t, and a destructive malware called Numero, all disguised as legitimate AI tool installers to target victims. | Cyber blog | CISCO TALOS
1.6.25 | This month in security with Tony Anscombe – May 2025 edition | From a flurry of attacks targeting UK retailers to campaigns corralling end-of-life routers into botnets, it's a wrap on another month filled with impactful cybersecurity news | Cyber blog | Eset
1.6.25 | Word to the wise: Beware of fake Docusign emails | Cybercriminals impersonate the trusted e-signature brand and send fake Docusign notifications to trick people into giving away their personal or corporate data | Cyber blog | Eset
1.6.25 | The Windows Registry Adventure #8: Practical exploitation of hive memory corruption | In the previous blog post, we focused on the general security analysis of the registry and how to effectively approach finding vulnerabilities in it. | Vulnerability blog | Project Zero
1.6.25 | A Flyby on the CFO's Inbox: Spear-Phishing Campaign Targeting Financial Executives with NetBird Deployment | On May 15th, Trellix's email security products alerted on a highly targeted spear-phishing operation aimed at CFOs and finance executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the Middle East, and South Asia. | Phishing blog | Trellix