Spam and phishing in 2025

In 2025, online streaming services remained a primary theme for phishing sites within the entertainment sector, typically by offering early access to major premieres ahead of their official release dates. Alongside these, there was a notable increase in phishing pages Read More …

UK: Welsh firms ill-prepared to meet the challenges of cyber security threats

Many businesses in Wales lack the readiness to meet cyber security threats while also underestimating their potential costs, shows new research. Undertaken by Bridgend-based managed services provider CSG, the research focused on firms across construction, manufacturing, professional services, retail, public Read More …

PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups

Since 2023, Trend Micro researchers have been observing threat campaigns employing a previously unseen script-based command-and-control (C&C) framework which we named PeckBirdy, being used against Chinese gambling industries, as well as malicious activities targeting Asian government entities and private organizations. Read More …

The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time

Imagine visiting a webpage that looks perfectly safe. It has no malicious code, no suspicious links. Yet, within seconds, it transforms into a personalized phishing page. This isn’t merely an illusion. It’s the next frontier of web attacks where attackers Read More …

Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware

In late December 2025, EmEditor, a highly extensible and widely used text, code, and CSV editor developed by U.S.-based Emurasoft, published a security advisory warning users that its download page had been compromised. The attackers’ objective was to distribute a Read More …

RondoDox botnet linked to large-scale exploit of critical HPE OneView bug

A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified “large-scale exploitation” of CVE-2025-37164, a maximum-severity remote code execution bug in Read More …

Cisco has finally patched a maximum-level security issue

A maximum-severity vulnerability in certain Cisco products has finally been addressed after allegedly being exploited by Chinese hackers for several weeks. In mid-December 2025, the networking giant disclosed a remote code execution (RCE) vulnerability in AsyncOS that affects Secure Email Read More …

Phishing scammers are posting fake “account restricted” comments on LinkedIn

Recently, fake LinkedIn profiles have started posting comment replies claiming that a user has “engaged in activities that are not in compliance” with LinkedIn’s policies and that their account has been “temporarily restricted” until they submit an appeal through a Read More …

Analyzing a Multi-Stage AsyncRAT Campaign via Managed Detection and Response

AsyncRAT has emerged as a notable Remote Access Trojan (RAT) used by threat actors for its robust capabilities and ease of deployment. It gained favor for its extensive feature set, which includes keylogging, screen capturing, and remote command execution capabilities. Read More …

‘ZombieAgent’ zero click vulnerability allows for silent account takeover

OpenAI recently introduced a new feature for ChatGPT which, unfortunately, also puts users at risk of data exfiltration and persistent access. In December 2025, a feature called Connectors finally moved out of beta and into general availability. This feature allows Read More …