Intel
Recent investigations by cybersecurity experts have uncovered the deployment of advanced spyware named Graphite, developed by the Israeli company Paragon Solutions, targeting individuals through WhatsApp. This attack utilized a zero-click exploit, leveraging an undisclosed vulnerability in WhatsApp's software, allowing unauthorized access to devices without user interaction. Understanding the
A newly discovered vulnerability in Veeam's Backup & Replication software poses a significant security risk to domain-joined installations. Identified as CVE-2025-23120, this critical remote code execution flaw has been addressed in the latest software update. Organizations using this software should prioritize upgrading to the patched version to mitigate
A sophisticated malware campaign, active for nearly a decade, has compromised over 20,000 WordPress websites. Known as "DollyWay World Domination," this operation has been active since 2016. Recent findings by GoDaddy reveal that multiple threat campaigns, previously thought to be separate, are part of a larger cybercrime
A recent cyber-espionage campaign has been identified, targeting Ukraine's defense sector with a sophisticated malware known as Dark Crystal RAT (DCRat). The attack, highlighted by Ukraine's Computer Emergency Response Team (CERT-UA), involves the deployment of this remote access Trojan to infiltrate sensitive defense-related organizations. Understanding Dark
A newly discovered malware campaign is leveraging YouTube to distribute a sophisticated stealer known as Arcane. This malicious software is being promoted through videos that advertise game cheats, showcasing the evolving tactics of cybercriminals who exploit popular platforms to disseminate malware. Arcane is particularly dangerous due to its comprehensive data
In February 2025, the eSentire Threat Response Unit (TRU) uncovered a ransomware operation targeting a retail organization. This attack was attributed to Hunters International, a group that surfaced in mid-2023. The group reportedly acquired ransomware source code from Hive, operating independently with their own infrastructure. Initial Access and Exploitation The
In a recent breakthrough, researchers from Palo Alto Networks' Unit 42 have identified three distinct malware variants that challenge conventional attribution and exhibit rare functionalities. Reported in March 2025, these include a C++/CLI backdoor for IIS servers, a bootkit altering the GRUB 2 loader, and a Windows-based implant
A critical zero-day vulnerability, identified as ZDI-CAN-25373, has been exploited by state-sponsored hacking groups for several years, underscoring its severe security implications. This exploit leverages Windows shortcut (.lnk) files to execute malicious commands stealthily, bypassing detection. Security experts have linked this vulnerability to cyber-espionage and data theft campaigns targeting global
The emergence of the Rules File Backdoor attack poses a significant threat to AI code editors like GitHub Copilot and Cursor. This sophisticated supply chain vulnerability allows malicious actors to inject harmful code into AI-generated outputs, potentially impacting countless software projects. Understanding the Rules File Backdoor Attack Researchers at Pillar