Android zero-day vulnerabilities actively abused – update as soon as you can

Google has issued updates to fix 43 vulnerabilities in Android, including two zero-days that are being actively exploited in targeted attacks. The updates are available for Android 12, 12L, 13, 14, and 15. Android vendors are notified of all issues …

US charges Chinese hackers who allegedly caused millions of dollars worth of damages

US prosecutors on Wednesday announced criminal charges against multiple Chinese nationals for allegedly hacking a range of US companies and municipalities for profit, causing millions of dollars’ worth of damage. Victims of the hackers include US-based critics of the Chinese …

Critical Zero-day Vulnerabilities in VMware ESXi, Workstation, and Fusion

Broadcom has addressed three exploited vulnerabilities that, when chained, can allow an attacker to access the hypervisor through a running virtual machine. VMware’s official advisory does not include all affected product versions. VMware’s official advisory VMSA-2025-0004 includes a Response Matrix …

Israel: IDF to impose social media restrictions after probe revealed posts assisted Hamas

The IDF is working to impose restrictions on soldiers and officials regarding their activity on social media, following the IDF probe published on Monday which showed markers left by IDF soldiers on social media granted Hamas a complete breakdown of …

YouTube cracks down on gambling videos trying to lure viewers to unapproved sites

YouTube is cracking down on content related to gambling as sports betting and other online prediction markets have taken off in the United States. The platform announced Tuesday it will no longer allow content that directs users to “unapproved” gambling …

Threat Actor Delivers Highly Targeted Multistage Polyglot Malware

In fall 2024, UNK_CraftyCamel leveraged a compromised Indian electronics company to target fewer than five organizations in the United Arab Emirates with a malicious ZIP file that leveraged multiple polyglot files to eventually install a custom Go backdoor dubbed Sosano. …

Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal

The Trend Micro Managed XDR and Incident Response (IR) teams recently analyzed incidents where threat actors deploying Black Basta and Cactus ransomware used the same BackConnect malware to strengthen their foothold on compromised machines. The BackConnect malware is a tool …

Uncovering .NET Malware Obfuscated by Encryption and Virtualization

This article examines obfuscation techniques used in popular malware families, and offers some insights into possible opportunities for automating unpacking of these malware samples. Palo Alto researchers will examine these behaviors in samples we have observed, showing how to extract …