ClickFix Attacks Use Poisoned PNG Files to Deliver Malicious Code
November 25, 2025
A novel ClickFix attack method leverages fake Windows update prompts and malformed PNG files to deploy infostealer malware. This campaign
Endpoint Security
ClickFix Attacks Use Poisoned PNG Files to Deliver Malicious Code
A novel ClickFix attack method leverages fake Windows update prompts and malformed PNG files to deploy infostealer malware. This campaign seeks to exploit user trust ...
Android Trojan Sturnus Defeats Encrypted Messaging Apps with On-Screen Capture
The new Android malware dubbed Sturnus bypasses strong encryption in secure messaging apps by recording on-screen content and enabling full device control.
Operation WrtHug Compromises ASUS Routers in Global Botnet Expansion
Operation WrtHug is hijacking tens of thousands of outdated ASUS routers worldwide by exploiting old firmware flaws and default credentials. The botnet is growing rapidly, ...
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
ShadowRay 2.0 is exploiting an unauthenticated RCE flaw in older Ray Cluster deployments, infecting more than 5,000 exposed nodes and turning them into a self-spreading ...
Coordinated Zero-Day Exploits Target Citrix and Cisco Vulnerabilities in Custom Malware Campaign
Attackers chained two unpatched zero-day flaws—CitrixBleed 2 and a critical Cisco ISE vulnerability—to deploy custom, stealthy malware before fixes were available. Amazon CISO CJ Moses ...
Synology Patches Critical RCE Bug in BeeStation Following Pwn2Own Taipei Demo
Synology patched a critical RCE flaw (CVE-2025-22082) in its BeeStation storage devices after researchers exploited it live at Pwn2Own 2025. The pre-authentication bug allowed full ...
APT37 Exploits Google Find Hub to Remotely Wipe Android Devices
APT37 leveraged phishing, credential theft, and Google Find Hub to execute destructive Android wipes from compromised Windows systems, demonstrating an advanced hybrid desktop-to-mobile attack chain.
Triofox CVE-2025-12480 Exploited in Attacks Despite Available Patch
Google’s Mandiant confirmed active exploitation of CVE-2025-12480, a critical authentication bypass flaw in Gladinet’s Triofox platform. The vulnerability allows unauthorized admin access and remote code ...
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
QNAP released urgent patches for seven zero-day flaws exposed during Pwn2Own 2025, impacting QTS, QuTS hero, and other key NAS tools. The vulnerabilities posed serious ...
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Russian hackers used Hyper-V to deploy a hidden Linux VM hosting custom malware, bypassing typical endpoint detection and enabling stealthy long-term access in target networks.
Android Trojan Sturnus Defeats Encrypted Messaging Apps with On-Screen Capture
November 21, 2025
The new Android malware dubbed Sturnus bypasses strong encryption in secure messaging apps by recording on-screen content and enabling full
Operation WrtHug Compromises ASUS Routers in Global Botnet Expansion
November 21, 2025
Operation WrtHug is hijacking tens of thousands of outdated ASUS routers worldwide by exploiting old firmware flaws and default credentials.
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
November 18, 2025
ShadowRay 2.0 is exploiting an unauthenticated RCE flaw in older Ray Cluster deployments, infecting more than 5,000 exposed nodes and
Coordinated Zero-Day Exploits Target Citrix and Cisco Vulnerabilities in Custom Malware Campaign
November 13, 2025
Attackers chained two unpatched zero-day flaws—CitrixBleed 2 and a critical Cisco ISE vulnerability—to deploy custom, stealthy malware before fixes were
Synology Patches Critical RCE Bug in BeeStation Following Pwn2Own Taipei Demo
November 12, 2025
Synology patched a critical RCE flaw (CVE-2025-22082) in its BeeStation storage devices after researchers exploited it live at Pwn2Own 2025.
APT37 Exploits Google Find Hub to Remotely Wipe Android Devices
November 11, 2025
APT37 leveraged phishing, credential theft, and Google Find Hub to execute destructive Android wipes from compromised Windows systems, demonstrating an
Triofox CVE-2025-12480 Exploited in Attacks Despite Available Patch
November 11, 2025
Google’s Mandiant confirmed active exploitation of CVE-2025-12480, a critical authentication bypass flaw in Gladinet’s Triofox platform. The vulnerability allows unauthorized
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
November 10, 2025
QNAP released urgent patches for seven zero-day flaws exposed during Pwn2Own 2025, impacting QTS, QuTS hero, and other key NAS
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
November 5, 2025
Russian hackers used Hyper-V to deploy a hidden Linux VM hosting custom malware, bypassing typical endpoint detection and enabling stealthy
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.