Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according […]
Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution
A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation. ​The original […]
A New ‘It RAT’: Stealthy ‘Resolver’ Malware Burrows In
A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis […]
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. “The threat […]
Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft
Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. […]
BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks
A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool for compromising networks. According to […]
Microsoft: New Windows updates fix Active Directory policy issues
Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. […] ​The original article […]
VMware ESXi 8.0 Update 3e Is Now Free — Here’s What’s New
VMware has announced that ESXi 8.0 Update 3e, the latest version of its industry-leading hypervisor, is now available for download at no cost. Released on April 10, […]
Chinese APT Group Targets Ivanti VPN Vulnerabilities to Breach Networks
In a concerning report from cybersecurity firm TeamT5, it has been revealed that a Chinese Advanced Persistent Threat (APT) group leveraged critical vulnerabilities in Ivanti […]
IBM Aspera Faspex Flaw Allows Injection of Malicious JavaScript in Web UI
A significant security vulnerability has been identified in IBM Aspera Faspex 5, a popular file exchange solution. The flaw, designated as CVE-2025-3423, allows attackers to […]