Exploit details released for Citrix Bleed 2 flaw affecting NetScaler

This has caused confusion in the security community as to which flaw is being targeted by attackers, CVE-2025-5777 or CVE-2025-6543, or both. IoCs for CVE-2025-6543 are available on request from the Citrix Cloud Software Group, but there has been no such information for CVE-2025-5777 until this week, given that Citrix hasn’t seen any evidence of …

Weekly Update 453

Well, the last few weeks of insane hours finally caught up with me 🤒 Not badly, but I evidently burned enough midnight oil to leave the immune system somewhat degraded and just after recording this video, I really didn't feel like doing much at all. Some congestion and sniffles aside, it's really not that bad, …

BladedFeline: Whispering in the dark

In 2024, ESET researchers discovered several malicious tools in the systems used by Kurdish and Iraqi government officials. The APT group behind the attacks is BladedFeline, an Iranian threat actor that has been active since at least 2017, when it compromised officials within the Kurdistan Regional Government (KRG). This group develops malware for maintaining and …

June Patch Tuesday digs into 67 bugs – Sophos News

Microsoft on Tuesday released 67 patches affecting 12 product families. Ten of the addressed issues, five involving 365 and Office and one involving SharePoint, are considered by Microsoft to be of Critical severity, and 17 have a CVSS base score of 8.0 or higher. One, an Important-severity RCE in Windows related to WEBDAV (CVE-2025-33053), is …

Surveillance, spyware, and self-driving snafus • Graham Cluley

A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because “ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect. Meanwhile, Carole checks the rear-view mirror on the driverless car …

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Security

The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to …

US Treasury Department sanctions individuals and entities over illegal IT worker scheme

Ongoing crackdown with caveats for hiring companies. These actions are the latest efforts in the US government’s battle to stop DPRK’s illegal activities. Last month, the Justice Department’s major sweep across 16 states seized laptops, financial accounts, and websites associated with the illegal remote IT worker scheme, and the FBI and Defense Criminal Investigative Service …

The State of Ransomware 2025 – Sophos News

The sixth annual Sophos State of Ransomware report provides fresh insights into the factors that led organizations to fall victim to ransomware and the human and business impacts of an attack. Based on insights from a vendor-agnostic survey of 3,400 IT and cybersecurity leaders across 17 countries whose organizations were hit by ransomware in the …

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It has been codenamed Count(er) Strike. “A …