Active Exploitation Reported for CVE-2025-11001 in 7-Zip

Active exploitation of CVE-2025-11001 has been observed in the wild. A security researcher has also publicly released a proof-of-concept (PoC) exploit for CVE-2025-11001. The PoC allows attackers to abuse symbolic-link handling to write files outside of the intended extraction folder, Read More …

Microsoft says Azure was hit with a massive DDoS attack launched from over 500,000 IP addresses

Microsoft has said it successfully mitigated, “the largest DDoS attack ever observed in the cloud” after cybercriminals running the Aisuru botnet targeted a single endpoint, located in Australia. The attack was a sight to behold: more than 500,000 source IPs, Read More …

Digital Doppelgangers: Anatomy of Evolving Impersonation Campaigns Distributing Gh0st RAT

Palo Alto Unit 42 researchers have identified two interconnected malware campaigns active throughout 2025, using large-scale brand impersonation to deliver Gh0st remote access Trojan (RAT) variants to Chinese-speaking users. From the first campaign to the second, the adversary advanced from Read More …

Threat Landscape of the Building and Construction Sector Part Two: Ransomware

The construction sector is increasingly vulnerable to ransomware attacks in 2025 due to its complex ecosystem and distinctive operational challenges. Construction projects typically involve a web of contractors, subcontractors, suppliers, and consultants, collaborating through shared digital platforms and exchanging sensitive Read More …

Uncovering a Multi-Stage Phishing Kit Targeting Italy’s Infrastructure

Phishing remains one of the most persistent and adaptive threats in cybersecurity. It is common and widespread for cybercriminals to impersonate reputable IT companies in phishing campaigns, exploiting the trust these brands have built and thus targeting both affected companies Read More …

Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics

In the wake of a targeted doxxing campaign last month that exposed the alleged core members of Lumma Stealer (which Trend Micro tracks as Water Kurita), the underground infostealer landscape experienced a significant upheaval. As detailed in Trend Research’s previous Read More …

#StopRansomware: Akira Ransomware

The United States’ Federal Bureau of Investigation (FBI) and partner organisations are releasing this joint advisory to disseminate known Akira ransomware IOCs and TTPs identified through FBI investigations and trusted third-party reporting as recently as November 2025. Akira ransomware threat Read More …

Criminals Impersonate US Health Insurance Providers Target Chinese Speakers Residing in the United States

The Federal Bureau of Investigation (FBI) warns the public about an evolving financial fraud scheme targeting Chinese speaking individuals residing in the United States in which criminals impersonate US health insurance providers and Chinese law enforcement. Targeted individuals receive a Read More …

UK: NHS providers reviewing stolen data published by cyber criminals

Pathology supplier Synnovis is contacting NHS organisations which had data stolen and published online following a major cyber attack last year. Synnovis has now completed its investigation into patient and staff data published online by the cyber criminal gang on Read More …