top of page
ALL POSTS
U.S. CISA Adds Critical Enterprise Software Vulnerabilities to Known Exploited Vulnerabilities Catalog
Key Findings CISA added Oracle PeopleSoft Enterprise PeopleTools vulnerability CVE-2026-35273 (CVSS 9.8) to its Known Exploited Vulnerabilities catalog following active exploitation by ShinyHunters CISA added Ivanti Sentry vulnerability CVE-2026-10520 (CVSS 10.0) to its Known Exploited Vulnerabilities catalog with a mandatory federal agency patching deadline of June 14, 2026 The Oracle flaw was exploited as a zero-day for nearly two weeks before vendor disclosure, affecting o
Jun 133 min read
CISA Adds Microsoft and Adobe Vulnerabilities to Known Exploited Vulnerabilities Catalog
Key Findings CISA added seven vulnerabilities to its Known Exploited Vulnerabilities catalog, including Microsoft Defender flaws currently under active exploitation Two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498) are being actively exploited in the wild CVE-2026-41091 allows attackers to escalate privileges to SYSTEM level with a CVSS score of 7.8 Five additional legacy vulnerabilities from 2008-2010 were added to the catalog, affecting Windows, Int
May 212 min read
Hidden VMs: How Hackers Leverage QEMU to Steal Data and Spread Malware Stealthily
Key Findings Sophos researchers identified a significant uptick in threat actors using QEMU, an open-source emulator, to hide malware in virtual machines and evade detection Two distinct campaigns since late 2025 leverage QEMU for defense evasion: STAC4713 linked to PayoutsKing ransomware and STAC3725 exploiting CitrixBleed2 Attackers use hidden VMs to maintain long-term access, steal credentials and data, deploy ransomware, and leave minimal forensic traces on host systems T
Apr 183 min read
Four New Android Malware Families Target 800+ Apps Globally
Key Findings Four new Android malware families identified by Zimperium zLabs: RecruitRat, SaferRat, Astrinox, and Massiv Campaigns actively targeting over 800 banking and cryptocurrency applications Malware employs overlay attacks to steal credentials and sensitive data Capable of intercepting one-time passwords and recording screen activity Distribution methods include phishing, smishing, and fake job recruitment sites Background Zimperium zLabs cybersecurity researchers hav
Apr 182 min read
JanelaRAT: Financial Malware Targeting Latin American Banks with Thousands of Attacks in 2025
Key Findings JanelaRAT is a modified BX RAT variant targeting financial institutions across Latin America, with 14,739 recorded attacks in Brazil and 11,695 in Mexico during 2025 The malware uses a custom title bar detection mechanism to identify banking websites and execute fraudulent actions in real-time Initial infection relies on phishing emails mimicking invoice notifications, leading to multi-stage infection chains using MSI installers and DLL side-loading Recent campai
Apr 133 min read
Iran-Linked Cyber Actors Escalate Attacks on US Critical Infrastructure Through PLC Exploitation
Key Findings Iran-affiliated cyber actors are actively targeting internet-exposed programmable logic controllers (PLCs) across U.S. critical infrastructure sectors including government, water systems, and energy Attacks have caused diminished PLC functionality, manipulated display data, operational disruption, and financial losses Threat actors are exploiting Rockwell Automation and Allen-Bradley PLCs, specifically CompactLogix and Micro850 devices Initial access is gained th
Apr 82 min read
Fast-moving Storm-1175 exploits new vulnerabilities to breach networks and deploy Medusa
Key Findings China-based Storm-1175 executes rapid ransomware attacks, sometimes completing full intrusions within 24 hours The group exploits newly disclosed vulnerabilities before organizations can patch them, leveraging over 16 different flaws since 2023 Primary targets include healthcare, education, finance, and services sectors across the US, UK, and Australia Storm-1175 has weaponized zero-day exploits before public disclosure, demonstrating advanced capabilities The gr
Apr 73 min read
bottom of page
