The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitraryRead More »CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

A targeted underground doxxing campaign exposed alleged core members of Lumma Stealer (Water Kurita), resulting in a sharp decline in its activity and a migration of customers to rival infostealer platforms.

A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group’s expansion to the country beyond Southeast Asia and South America. The activity, which took place from January to May 2025, has been attributed by Broadcom-owned SymantecRead More »Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months

U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP’s source code and information related to undisclosed vulnerabilities in the product. It attributed the activity to a “highly sophisticated nation-state threat actor,” adding the adversary maintained long-term, persistentRead More »F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk. “A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attackerRead More »Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

A malware campaign was recently detected in Brazil, distributing a malicious LNK file using WhatsApp. It targets mainly Brazilians and uses Portuguese-named URLs. To evade detection, the command-and-control (C2) server verifies each download to ensure it originates from the malware itself. The whole infection chain is complex and fully fileless,Read More »Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution