Threat actors keep hitting exposed MS-SQL servers to deploy ICE Cloud scanner
Threat actors are still targeting exposed Microsoft SQL Server systems with weak credentials, and the latest payload is a scanner called ICE Cloud Client. According…
Sandworm-linked hackers reportedly pivot to stealthy RDP persistence in new Ukraine-focused campaign
A new report claims a Sandworm-linked campaign is using fake Microsoft Office ISO files to compromise targets in Ukraine, then planting tools that keep Remote…
Microsoft says Azure AI Foundry scans high-visibility AI models for malware, backdoors, and tampering
Microsoft has outlined how it secures generative AI models hosted on Azure AI Foundry, saying high-visibility models go through security scanning before release and run…
Google rolls out Gemini-powered dark web monitoring to spot leaks, brokered access, and insider threats
Google has started rolling out a new Gemini-powered dark web intelligence capability inside Google Threat Intelligence, and the goal is straightforward. It aims to help…
ALP-001 leak site points to a more aggressive phase for initial access brokers
A newly uncovered dark web leak site called ALP-001 appears to mark an important shift in cybercrime. Researchers say the operation links back to a…
NIST releases new quick-start guide linking cybersecurity, enterprise risk, and workforce planning
The National Institute of Standards and Technology has released a new guide to help organizations connect cybersecurity decisions with enterprise risk management and workforce planning.…
Roundcube Webmail 1.6.14 patches multiple serious security flaws, including a pre-auth file-write bug
Roundcube has released Webmail 1.6.14 as a security update for the 1.6 branch, and admins should treat it as a priority patch. The release fixes…
Chrome security update fixes 8 high-severity bugs in desktop browser
Google has released a new Chrome desktop security update that fixes eight high-severity vulnerabilities. The affected versions include Chrome builds before 146.0.7680.164/165 on Windows and…
U.S. sentences Russian access broker to 81 months over ransomware attacks that caused $9 million in losses
A U.S. court has sentenced Russian national Aleksei Volkov to 81 months in prison for helping major cybercrime groups, including the Yanluowang ransomware crew, breach…
North Korean hackers abuse VS Code auto-run tasks to push StoatWaffle malware
North Korean threat actors have started abusing Visual Studio Code auto-run tasks to infect developers with a malware family called StoatWaffle, according to new research.…
November 21, 2025
1 comment 
