Security researchers at ESET have confirmed that a recently patched flaw in WinRAR (CVE-2025-8088) was exploited as a zero-day in phishing campaigns to deliver the RomCom malware. The vulnerability, a directory traversal issue, was addressed in late July with the release of WinRAR version 7.13. It allowed attackers to
Google has confirmed that a recent data breach tied to a Salesforce compromise exposed information belonging to Google Ads customers. Last week, the company acknowledged it was impacted by a leak attributed to the hacker group ShinyHunters, which in recent months has been systematically targeting Salesforce CRM platforms. In June
Members of the Silent Crow group, which claimed responsibility for the late-July cyberattack on Aeroflot, have begun releasing data allegedly stolen from the airline. According to media reports, the leak includes sensitive medical records belonging to pilots and other airline employees. The attack occurred on July 28, 2025, when Aeroflot
CVE-2025-54987 Description: A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture. Source: Trend Micro, Inc. Analysis CVE-2025-54987 and CVE-2025-54948
Researchers at Kaspersky have identified a wave of cyberattacks involving the Efimer Trojan. The malware spreads through compromised WordPress websites, torrents, and phishing emails. Its primary purpose is to steal and replace cryptocurrency wallet addresses. With the help of additional scripts, it can also brute-force passwords for WordPress sites and
Wikipedia has adopted new rules to address a growing flood of AI-generated articles. Under the policy, administrators can now swiftly remove such articles—without the usual week-long debate—if they meet specific criteria. The encyclopedia is maintained by a global community of volunteers who often spend days debating both edits
Security researchers have uncovered 60 malicious packages on RubyGems, the package manager for the Ruby programming language. Disguised as harmless automation tools for social media, blogs, and messaging platforms, the gems stole user credentials and, since March 2023, have been downloaded more than 275,000 times. Experts at Socket, who
In July and early August 2025, the espionage-focused hacking group Paper Werewolf targeted multiple organizations in Russia and Uzbekistan. The campaign relied on phishing emails containing RAR archives that appeared to hold important documents but instead carried malware. The attackers exploited two vulnerabilities in WinRAR that allowed malicious software to
CVE-2025-8022 Rejected This CVE has been marked Rejected in the CVE List. These CVEs are stored in the NVD, but do not show up in search results by default. NVD Published Date: 07/23/2025 NVD Last Modified: 08/11/2025 Description Rejected reason: Bun Shell does not invoke /bin/
SonicWall has confirmed that recent attacks targeting its 7th-generation firewalls with SSL VPN enabled were the work of the Akira ransomware group exploiting an old vulnerability—CVE-2024-40766—rather than a suspected zero-day. Key Findings Following an investigation into 40 incidents, SonicWall determined that attackers leveraged CVE-2024-40766, a critical SSL VPN
Security analysts at Koi Security have uncovered a large-scale malicious campaign—dubbed "GreedyBear"—operating through the Mozilla Add-ons Store. The operation involved 150 malicious Firefox extensions that collectively stole more than $1 million in cryptocurrency from unsuspecting users. How the Scam Worked The extensions disguised themselves as legitimate
Firmware flaws in Dell ControlVault3 affect more than 100 Dell laptop models, enabling attackers to bypass Windows Login and install malware that can survive even after an operating system reinstall. What is Dell ControlVault? Dell ControlVault is a hardware-based security solution that stores passwords, biometric data, and security codes in