Fake Zoom SDK update helps Sapphire Sleet compromise Macs in new social-engineering campaign
A North Korean threat actor known as Sapphire Sleet has launched a new macOS campaign that uses a fake Zoom SDK update to steal passwords,…
Email-borne worm surge hit industrial control systems worldwide in late 2025
A sharp rise in email-borne worm activity hit industrial control systems in the fourth quarter of 2025, driven largely by a campaign spreading Backdoor.MSIL.XWorm through…
Hackers target old TP-Link routers in Mirai malware campaign tied to CVE-2023-33538
Hackers are actively trying to compromise several older TP-Link routers through CVE-2023-33538, a command injection flaw that affects end-of-life models. The risk is real because…
Pushpaganda used Google Discover and AI-written clickbait to push malicious notifications
A new threat campaign called Pushpaganda abused Google Discover to push deceptive stories into the feeds of Android and Chrome users, then tricked them into…
1,250+ C2 servers mapped across Russian hosting providers in new Hunt.io analysis
A new Hunt.io infrastructure study says more than 1,250 active command-and-control servers were found across 165 Russian infrastructure providers over a 90-day window from January…
Fake Adobe Reader download installs ScreenConnect through an in-memory attack chain
A newly documented malware campaign is using fake Adobe Acrobat Reader download pages to trick users into installing ConnectWise ScreenConnect. Zscaler ThreatLabz says the attack…
Critical Chrome vulnerabilities patched in Chrome 147 can lead to code execution
Google has released a new Chrome Stable Channel update that fixes 31 security bugs, including five rated Critical. The update brings Chrome to version 147.0.7727.101/102…
Splunk Enterprise and Cloud flaw can lead to remote code execution in Splunk Web
Splunk has disclosed a high-severity vulnerability in Splunk Enterprise and Splunk Cloud Platform that can let a low-privileged user achieve remote code execution in affected…
New Chrome privacy analysis shows how fingerprinting and header leaks can expose users
Google Chrome still leaves users broadly exposed to fingerprinting techniques that can help websites and trackers identify them across sessions. A new analysis highlighted by…
31 high-impact vulnerabilities were exploited in March, with Interlock hitting a Cisco FMC zero-day
March 2026 was a brutal month for defenders. Recorded Future says attackers actively exploited 31 high-impact vulnerabilities during the month, spanning products from Cisco, Microsoft,…
November 21, 2025
1 comment 
