HN Monitor

Threat actors are actively exploiting multiple security vulnerabilities within Fortinet FortiSandbox appliances, according to a recent advisory from cybersecurity firm Defused Cyber. The firm reported observing exploitation attempts for three specific vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within a 24-hour period, highlighting an urgent need for organizations using these Fortinet products…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog. This designation mandates that Federal Civilian Executive Branch (FCEB) agencies must implement the necessary patches by June 18, 2026, to mitigate the risk…

Cisco has issued urgent security updates for a critical vulnerability affecting its Catalyst SD-WAN Manager, a widely used network management platform. This medium-severity flaw, identified as CVE-2026-20262, has been observed under active exploitation in the wild, prompting immediate action from affected organizations and government agencies. The vulnerability, which carries a…

Researchers at Obsidian Security have disclosed a critical vulnerability chain (CVSS 9.9) in LiteLLM, an open-source AI gateway, that allows a low-privilege account to achieve full server takeover and execute arbitrary code. This severe flaw, impacting how LiteLLM handles virtual API keys and custom guardrails, exposes sensitive provider keys, encrypted…

A critical vulnerability in Microsoft 365 Copilot Enterprise Search, dubbed “SearchLeak” by researchers, allowed attackers to potentially exfiltrate sensitive user data, including emails and calendar details, with a single click. This discovery highlights a new attack vector chaining together existing web vulnerabilities with an AI-specific weakness. Varonis Threat Labs researchers…

The cybersecurity landscape continues to be a battleground of innovation and exploitation, with attackers consistently finding new ways to leverage existing vulnerabilities and emerging technologies. This week’s recap highlights a series of concerning trends, from actively exploited zero-days in widely used software to the sophisticated abuse of phishing kits and…

Researchers have detailed sophisticated techniques to detect the Outlook NotDoor backdoor malware, a stealthy threat linked to the APT28/Fancy Bear threat group. This backdoor malware, first identified by Lab52, the intelligence arm of S2 Grupo, leverages malicious Outlook macros to achieve persistent access and facilitate data theft. By embedding macro…

Google has announced a significant milestone in its Android development, with the adoption of the Rust programming language now contributing to memory safety vulnerabilities falling below 20% for the first time. This shift represents a substantial improvement in the security posture of the widely used mobile operating system. The company…

BIO-key International has announced a significant deployment of its advanced biometric and multi-factor authentication solutions for a major defence organization in the Middle East. This deal, described as one of BIO-key’s largest in the region, focuses on providing identity-bound biometric access without the need for traditional mobile devices or hardware…

Botnet malware RondoDox is actively exploiting a critical vulnerability, CVE-2025-24893, in unpatched XWiki servers, enabling attackers to execute arbitrary code. This critical security flaw, with a CVSS score of 9.8, allows unauthenticated users to remotely execute malicious code by targeting the “/bin/get/Main/SolrSearch” endpoint. While patched by XWiki maintainers in late…

A critical security vulnerability has been identified in Cisco's Catalyst Center Virtual Appliance, allowing attackers with low-level access to gain complete administrative control over affected systems. The flaw, officially designated CVE-2025-20341, poses a significant risk to organizations relying on these systems for network management and monitoring, boasting a high severity…

A sophisticated new malware family, dubbed DigitStealer, is targeting macOS systems with advanced techniques designed to evade detection and operate stealthily. This information stealer employs multi-stage attack chains, utilizing multiple payloads to compromise user data while minimizing its footprint on infected machines. The malware disguises itself as legitimate software and…

Cybercriminals are now weaponizing seemingly legitimate invoice emails to deploy the sophisticated XWorm remote-access trojan (RAT). This insidious malware operates stealthily in the background, allowing attackers to steal valuable login credentials, passwords, and sensitive personal files from infected systems. The latest attack vector exploits the unsuspecting nature of users who…

A sophisticated multi-stage phishing kit leveraging Telegram for credential harvesting and evading automated detection has been identified targeting users of Aruba S.p.A., a prominent Italian IT and web services provider. This advanced malware operation underscores the evolving tactics of cybercriminals aiming to compromise sensitive account information and financial data from…

Cybersecurity researchers have identified a new phishing campaign distributing the notorious Formbook malware. This sophisticated attack leverages weaponized ZIP files and a multi-stage scripting process to circumvent standard security measures, making it particularly challenging to detect. The Formbook malware is known for its ability to steal credentials and sensitive information…

A new advisory from the Cybersecurity and Infrastructure Security Agency (CISA) highlights Akira ransomware as a rapidly escalating threat, impacting over 250 organizations globally since March 2023. The group, believed to have ties to the defunct Conti ransomware operation, has reportedly extorted approximately $244.17 million in ransom payments by late…

Lumma Stealer, a sophisticated information-stealing malware, is actively targeting users by masquerading as legitimate software updates and cracked applications. This malware focuses on exfiltrating sensitive data, including login credentials, payment card details, and cryptocurrency wallet information from compromised systems. Security researchers have identified that Lumma Stealer is utilizing advanced techniques,…