04/02
04/03
04/04
8 Posts

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog

https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog
7 Posts

Hotpatch for Windows client now available - Windows IT Pro Blog

https://techcommunity.microsoft.com/blog/windows-itpro-blog/hotpatch-for-windows-client-now-available/4399808
Hotpatch for Windows client now available - Windows IT Pro Blog
6 Posts

Tracking Adversaries: EvilCorp, the RansomHub affiliate

https://blog.bushidotoken.net/2025/04/tracking-adversaries-evilcorp-ransomhub.html
Tracking Adversaries: EvilCorp, the RansomHub affiliate
5 Posts

Recent GitHub supply chain attack traced to leaked SpotBugs token

https://www.bleepingcomputer.com/news/security/recent-github-supply-chain-attack-traced-to-leaked-spotbugs-token/
Recent GitHub supply chain attack traced to leaked SpotBugs token
4 Posts

BH2025_ReverseEngineeringHexagonISDB.pdf

https://zerodayengineering.com/research/slides/BH2025_ReverseEngineeringHexagonISDB.pdf
BH2025_ReverseEngineeringHexagonISDB.pdf
4 Posts

Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

https://thehackernews.com/2025/04/legacy-stripe-api-exploited-to-validate.html
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
4 Posts

Ivanti patches Connect Secure zero-day exploited since mid-March

https://www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/
Ivanti patches Connect Secure zero-day exploited since mid-March
4 Posts

Unboxing Anubis: Exploring the Stealthy Tactics of FIN7's Latest Backdoor

https://www.gdatasoftware.com/blog/2025/03/38161-analysis-fin7-anubis-backdoor
Unboxing Anubis: Exploring the Stealthy Tactics of FIN7's Latest Backdoor
4 Posts

Oracle privately confirms Cloud breach to customers

https://www.bleepingcomputer.com/news/security/oracle-reportedly-confirms-oracle-cloud-breach-to-customers/
Oracle privately confirms Cloud breach to customers
3 Posts

MalwareBazaar | Shenzhen Zhixinjie Technology Co Ltd

https://bazaar.abuse.ch/browse/tag/Shenzhen%20Zhixinjie%20Technology%20Co%20Ltd/
MalwareBazaar | Shenzhen Zhixinjie Technology Co Ltd
3 Posts

Just a moment...

https://thehackernews.com/2025/04/lazarus-group-targets-job-seekers-with.html
Just a moment...
3 Posts

Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices

https://thehackernews.com/2025/04/triada-malware-preloaded-on-counterfeit.html
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
3 Posts

Texas State Bar warns of data breach after INC ransomware claims attack

https://www.bleepingcomputer.com/news/security/texas-state-bar-warns-of-data-breach-after-inc-ransomware-claims-attack/
Texas State Bar warns of data breach after INC ransomware claims attack
3 Posts

CVE-2025-31334: WinRAR Flaw Enables Mark-of-the-Web Bypass and Arbitrary Code Execution

https://securityonline.info/cve-2025-31334-winrar-flaw-enables-mark-of-the-web-bypass-and-arbitrary-code-execution/
CVE-2025-31334: WinRAR Flaw Enables Mark-of-the-Web Bypass and Arbitrary Code Execution
3 Posts

Verizon Call Filter API flaw exposed customers' incoming call history

https://www.bleepingcomputer.com/news/security/verizon-call-filter-api-flaw-exposed-customers-incoming-call-history/
Verizon Call Filter API flaw exposed customers' incoming call history
3 Posts

Fast Flux: A National Security Threat | CISA

https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-093a
Fast Flux: A National Security Threat | CISA