
PureLogs Infostealer Uses MSBuild.exe for Fileless Deployment
FortiGuard Labs documents PureLogs infostealer delivered via fake purchase order emails, using MSBuild.exe process hollowing to execute entirely in memory.

Sekoia documents an active Gamaredon campaign using NTFS Alternate Data Streams to conceal USB worm modules targeting Ukrainian government networks.

Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan’s Finance Ministry, deploying Xeno RAT for full system access and exfil.

Attackers backdoored 32 Red Hat npm packages with the Miasma worm, stealing CI/CD secrets, cloud keys, and SSH keys across

Google confirmed CVE-2025-48595, a no-interaction privilege escalation flaw in Android 14–16, is under active targeted attack. Patches arrive June 5.

CIFSwitch is a 19-year-old Linux kernel privilege escalation flaw with a public PoC that enables root access on Ubuntu, RHEL,

LLMShare, discovered by Push Security, abuses ChatGPT’s share links on chatgpt.com to host fake outage pages that deliver infostealer malware
