Researchers at Dr. Web have uncovered a sophisticated Android backdoor targeting Russian business representatives. The malware offers extensive surveillance and data theft capabilities, including: * Recording conversations * Streaming live camera footage * Stealing data from messengers and browsers * Keylogging Malware Evolution and Targeting Dubbed Android.Backdoor.916.origin, the Kotlin-based malware first
Vulnerability Details : CVE-2025-8088 Path traversal vulnerability in WinRAR A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strý?ek from
More than 29,000 Microsoft Exchange servers remain unpatched against CVE-2025-53786, a severe security flaw that could allow attackers to move laterally into Microsoft cloud environments and potentially achieve full domain compromise. How the Vulnerability Works The flaw allows attackers with administrative access to on-premises Exchange servers to escalate privileges
A security researcher known by the alias Micky has received a record-breaking $250,000 bounty from Google for discovering a critical Chrome vulnerability that allowed attackers to bypass the browser’s sandbox. The flaw, tracked as CVE-2025-4609, was first identified in April 2025 and patched in mid-May with the release
Security researchers at ESET have confirmed that a recently patched flaw in WinRAR (CVE-2025-8088) was exploited as a zero-day in phishing campaigns to deliver the RomCom malware. The vulnerability, a directory traversal issue, was addressed in late July with the release of WinRAR version 7.13. It allowed attackers to
Google has confirmed that a recent data breach tied to a Salesforce compromise exposed information belonging to Google Ads customers. Last week, the company acknowledged it was impacted by a leak attributed to the hacker group ShinyHunters, which in recent months has been systematically targeting Salesforce CRM platforms. In June
Members of the Silent Crow group, which claimed responsibility for the late-July cyberattack on Aeroflot, have begun releasing data allegedly stolen from the airline. According to media reports, the leak includes sensitive medical records belonging to pilots and other airline employees. The attack occurred on July 28, 2025, when Aeroflot
CVE-2025-54987 Description: A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture. Source: Trend Micro, Inc. Analysis CVE-2025-54987 and CVE-2025-54948
Researchers at Kaspersky have identified a wave of cyberattacks involving the Efimer Trojan. The malware spreads through compromised WordPress websites, torrents, and phishing emails. Its primary purpose is to steal and replace cryptocurrency wallet addresses. With the help of additional scripts, it can also brute-force passwords for WordPress sites and
Wikipedia has adopted new rules to address a growing flood of AI-generated articles. Under the policy, administrators can now swiftly remove such articles—without the usual week-long debate—if they meet specific criteria. The encyclopedia is maintained by a global community of volunteers who often spend days debating both edits
Security researchers have uncovered 60 malicious packages on RubyGems, the package manager for the Ruby programming language. Disguised as harmless automation tools for social media, blogs, and messaging platforms, the gems stole user credentials and, since March 2023, have been downloaded more than 275,000 times. Experts at Socket, who
In July and early August 2025, the espionage-focused hacking group Paper Werewolf targeted multiple organizations in Russia and Uzbekistan. The campaign relied on phishing emails containing RAR archives that appeared to hold important documents but instead carried malware. The attackers exploited two vulnerabilities in WinRAR that allowed malicious software to