A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims’ computers. ​ ​ ​Read More

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings from Huntress. This includes a Linux backdoor called PeerBlight, a reverse proxy tunnel named CowTunnel, and a Go-based ​ ​…

New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has codenamed the “invalid cast vulnerability” SOAPwn, said the issue impacts Barracuda Service Center RMM, Ivanti Endpoint Manager (EPM), and Umbraco 8. But the number of affected vendors is likely…

Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many organizations requiring months to recover. ​ ​ ​Read More

Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities. Despite releasing a lower-than-normal number of security updates these past few months, Microsoft patched…

Proof-of-concept exploit code is publicly available for two other flaws in this month’s Patch Tuesday. In total, the company issued patches for more than 1,150 flaws this year. ​ ​ ​Read More

Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reach their target. ​ ​ ​Read More

The Apache Software Foundation’s earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting an updated advisory and CVE. ​ ​ ​Read More

Attacks against CVE-2025-55182, which began almost immediately after public disclosure last week, have increased as more threat actors take advantage of the flaw. ​ ​ ​Read More

The US Treasury’s Financial Crimes Enforcement Network shared data showing how dramatically ransomware attacks have changed over time. ​ ​ ​Read More