Two new critical zero-day vulnerabilities in Microsoft SharePoint—CVE-2025-53770 and CVE-2025-53771—have been actively exploited since late last week, with at least 85 servers compromised worldwide. Background: From ToolShell to Active Exploitation In May 2025, researchers at Viettel Cyber Security chained two SharePoint flaws—CVE-2025-49706 and CVE-2025-49704—to create a
How Integrated Industrial Cybersecurity Solutions Protect OT Networks and Reduce the Cost of Critical Incidents Industrial digital transformation has been a topic of discussion for over a decade—but only now is the real tipping point arriving. According to the VDC Research report Securing OT with Purpose-Built Solutions, just 7.
The Third Critical NVIDIA Container Toolkit Vulnerability in a Year Could Expose All Customer Data on Shared Servers A single compromised container. Three lines of code. Full access to every customer’s data on the server. That’s the nightmare scenario behind CVE-2025-23266, a newly discovered vulnerability in the NVIDIA
Google has filed a landmark lawsuit against the anonymous operators of BadBox 2.0, an Android-based botnet responsible for infecting more than 10 million devices worldwide. The tech giant accuses the group of orchestrating a massive ad fraud operation that exploited Google’s advertising platforms and siphoned illicit revenue on
A newly discovered malware family, dubbed LameHug, is breaking ground by using large language models (LLMs) to generate and execute commands on compromised Windows systems. First reported by Bleeping Computer, LameHug is written in Python and leverages the Hugging Face API to interface with Qwen 2.5-Coder-32B-Instruct, a powerful open-source
Malware operators have long relied on LNK files—commonly known as Windows shortcuts—as a covert and effective method for delivering trojans and executing malicious payloads. In this article, we’ll break down how LNK files work, explore their structure and vulnerabilities, and analyze attacker behavior based on a dataset
Researchers from DomainTools have uncovered a sophisticated method hackers are using to conceal malicious payloads within DNS records—bypassing conventional detection and exploiting a long-standing security blind spot. Unlike traditional malware delivery tactics, which often rely on suspicious downloads or malicious email attachments, this technique leverages the trust and relative
Positive Technologies has unveiled a comprehensive online portal that aggregates software and hardware vulnerability data from vendors around the world—aimed at helping cybersecurity professionals, ethical hackers, and businesses stay ahead of emerging threats. The platform, which already catalogs over 317,000 vulnerabilities, includes detailed entries on each flaw, information
Imagine your AI model had a universal plug — a single way to connect to tools, apps, and external systems, no matter where they’re hosted or what language they’re written in. That’s essentially what the Model Context Protocol (MCP) is: a standardized, open protocol that lets AI agents
Daniel Stenberg, founder and lead developer of Curl, is considering shutting down the project’s bug bounty program after being overwhelmed by AI-generated junk reports. The influx of low-quality submissions—often indistinguishable from spam—has become a serious burden on the small team maintaining one of the internet’s most
Google has released patches for six security vulnerabilities in its Chrome browser, including a critical sandbox escape flaw that has already been exploited in the wild. The vulnerability, tracked as CVE-2025-6558 and assigned a CVSS score of 8.8, was discovered by Clément Lecigne and Vlad Stolyarov of Google’s
Security researchers have discovered a new variant of the Android malware Konfety that uses a corrupted ZIP structure and advanced obfuscation techniques to bypass static analysis and evade detection by security tools. Masquerading as Legitimate Apps Konfety disguises itself as legitimate Android applications, closely mimicking the look and feel of