Internet Security

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

April 2, 2025 add comment
FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. The threat actor FIN7, also known as Savage Ladybug, has... Read more »

U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog

April 2, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Tomcat path... Read more »

Apple backported fixes for three actively exploited flaws to older devices

April 2, 2025 add comment
Apple backports three critical vulnerabilities actively exploited in attacks against older iOS and macOS models. Apple has backported fixes for three actively exploited vulnerabilities to older devices and OS... Read more »

Spike in Palo Alto Networks scanner activity suggests imminent cyber threats

April 2, 2025 add comment
Hackers are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks. Researchers at the threat intelligence firm GreyNoise warn of hackers that are scanning... Read more »

Microsoft warns of critical flaw in Canon printer drivers

April 1, 2025 add comment
Microsoft’s offensive security team discovered a critical code execution vulnerability impacting Canon printer drivers.  Researchers at Microsoft’s Offensive Research and Security Engineering (MORSE) team have discovered a critical code... Read more »

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

April 1, 2025 add comment
Attackers exploit CrushFTP CVE-2025-2825 flaw, enabling unauthenticated access to unpatched devices using public proof-of-concept code. Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825, in the... Read more »

France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency

April 1, 2025 add comment
France fines Apple €150M for abusing its dominance in ATT consent practices on iOS and iPadOS from 2021 to 2023. France’s Autorité de la concurrence fined Apple €150M for... Read more »

Hiding WordPress malware in the mu-plugins directory to avoid detection

April 1, 2025 add comment
Sucuri researchers spotted threat actors deploying WordPress malware in the mu-plugins directory to evade security checks. In February, Sucuri warned of threat actors exploiting WordPress mu-plugins, which auto-load without... Read more »

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

March 31, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco... Read more »

Russia-linked Gamaredon targets Ukraine with Remcos RAT

March 31, 2025 add comment
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive... Read more »
Subscribe to our Newsletter