Non classé

A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors.
Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service providers, while

A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors.
Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service providers, while

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%. 
As attacks rise

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data Breach Investigations Report found an 18% YoY increase in confirmed breaches, with the exploitation of vulnerabilities as an initial access step growing by 34%. 
As attacks rise

Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina.
The campaign is « using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email

Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina.
The campaign is « using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email

Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild.
Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them

Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild.
Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them

Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems.
The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0.
« A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera may allow a remote unauthenticated attacker to

Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems.
The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0.
« A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera may allow a remote unauthenticated attacker to

Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.
The vulnerabilities in question are listed below –

CVE-2025-4427 (CVSS score: 5.3) – An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials

Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.
The vulnerabilities in question are listed below –

CVE-2025-4427 (CVSS score: 5.3) – An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.
« Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE), » EclecticIQ researcher Arda Büyükkaya said in an analysis published today.
Targets of the campaign

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.
« Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE), » EclecticIQ researcher Arda Büyükkaya said in an analysis published today.
Targets of the campaign

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to the Solana blockchain, but contains malicious functionality to steal source code and developer secrets.
The package, named solana-token, is no longer available for download from PyPI, but not before it was downloaded 761 times. It was first

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to the Solana blockchain, but contains malicious functionality to steal source code and developer secrets.
The package, named solana-token, is no longer available for download from PyPI, but not before it was downloaded 761 times. It was first

The cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now leverage large language models (LLMs) to impersonate trusted individuals and automate these social engineering tactics at scale. 
Let’s review the status of these rising attacks, what’s fueling them, and how to actually prevent, not detect, them. 
The Most Powerful Person on the

The cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now leverage large language models (LLMs) to impersonate trusted individuals and automate these social engineering tactics at scale. 
Let’s review the status of these rising attacks, what’s fueling them, and how to actually prevent, not detect, them. 
The Most Powerful Person on the

The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor’s targeting beyond Russia.
Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on the « trajectory of the Russian invasion. »
« The group’s interest in Ukraine follows historical targeting

The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor’s targeting beyond Russia.
Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on the « trajectory of the Russian invasion. »
« The group’s interest in Ukraine follows historical targeting