Google confirmed CVE-2025-48595, a no-interaction privilege escalation flaw in Android 14–16, is under active targeted attack. Patches arrive June 5.
Attackers backdoored 32 Red Hat npm packages with the Miasma worm, stealing CI/CD secrets, cloud keys, and SSH keys across
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan’s Finance Ministry, deploying Xeno RAT for full system access and exfil.
FortiGuard Labs documents PureLogs infostealer delivered via fake purchase order emails, using MSBuild.exe process hollowing to execute entirely in memory.
Sekoia documents an active Gamaredon campaign using NTFS Alternate Data Streams to conceal USB worm modules targeting Ukrainian government networks.
Sekoia documents an active Gamaredon campaign using NTFS Alternate Data Streams to conceal USB worm modules targeting Ukrainian government networks.
FortiGuard Labs documents PureLogs infostealer delivered via fake purchase order emails, using MSBuild.exe process hollowing to execute entirely in memory.
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan’s Finance Ministry, deploying Xeno RAT for full system access and exfil.
Attackers backdoored 32 Red Hat npm packages with the Miasma worm, stealing CI/CD secrets, cloud keys, and SSH keys across
Google confirmed CVE-2025-48595, a no-interaction privilege escalation flaw in Android 14–16, is under active targeted attack. Patches arrive June 5.
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.