Curly Comrades Cyber Spy Threat

In a recent wave of cyberattacks, a threat actor group known as Curly Comrades has been identified targeting government organizations across multiple regions. These attackers deploy sophisticated custom malware to infiltrate systems, steal sensitive data, and evade detection through advanced obfuscation techniques. The campaign involves spear-phishing emails and malicious attachments designed to compromise systems running […]
Jenkins Git Param RCE Threat

A serious command injection flaw (CVE-2025-53652) in the Jenkins Git Parameter plugin has emerged as a critical risk to DevOps environments. Originally rated medium severity, researchers found the flaw enables remote code execution (RCE) through unchecked user-defined Git parameters that get executed in shell commands. Approximately 15,000 internet-facing Jenkins servers lack authentication, making them highly […]
DarkBit Decrypt Breakthrough

A major development in the cybersecurity landscape has brought hope to victims of the politically motivated DarkBit ransomware. Security researchers at Profero successfully cracked DarkBit’s encryption, allowing affected organizations to recover their files without paying a ransom. The DarkBit group, linked to MuddyWater, used AES-128-CBC encryption alongside RSA-2048-encrypted keys. Despite these robust algorithms, Profero identified […]
BadCam: Linux Webcam Hack Risk

A new firmware-level vulnerability affecting select Linux-based webcams can turn trusted devices into stealthy attack tools. The flaw, identified by researchers at DEF CON 2025, enables remote actors to reflash webcam firmware, without physical access, transforming the device into a BadUSB Human Interface Device capable of injecting keystrokes and executing commands irrespective of the host OS. Why […]
Erlang/OTP SSH Flaw Alert

Security teams have identified a maximum-severity vulnerability, CVE-2025-32433, in the SSH implementation of Erlang/OTP, a platform widely deployed in telecom, industrial control systems (ICS), IoT devices, and other high-availability environments. The flaw enables unauthenticated remote code execution, allowing attackers to run arbitrary commands before authentication completes. Why It Matters Wide Reach: The issue affects any application using […]
Darknet Escrow Exit Scam Risk

Darknet markets often rely on escrow systems – primarily multisignature (multisig) wallets – to create a layer of trust between anonymous buyers and vendors. The 2-of-3 multisig approach, involving signatures from the buyer, seller, and market administrator, is designed to provide stronger protection than centralized escrow models. However, new analysis shows that even with this […]
Google Salesforce Data Breach

On August 9, 2025, Google confirmed a data breach affecting one of its Salesforce CRM instances, which contained prospect information for Google Ads customers. The attack, carried out in June 2025 by the well-known threat group ShinyHunters (also linked to UNC6040 and Sp1d3rHunters), leveraged sophisticated voice phishing (vishing) tactics to gain unauthorized access. How the […]
Linux Kernel Bug Threatens Chrome

A recently disclosed Linux Kernel vulnerability poses a significant risk to Chrome users by enabling privilege escalation within the browser’s sandbox environment. This flaw underscores the critical need for proactive system updates and continuous monitoring to mitigate potential exploitation by threat actors. Understanding the Vulnerability The vulnerability impacts how the Linux Kernel manages process capabilities […]
Linux Kernel Flaw Hits Chrome

Researchers at Google Project Zero have discovered a critical Linux kernel vulnerability (CVE-2025-38236) that allows attackers to escalate privileges directly from the Chrome renderer sandbox on Linux systems. The flaw exploits a rarely used feature in UNIX domain sockets, MSG_OOB, which is accessible due to unfiltered syscall permissions in the sandbox. How the Vulnerability Works Root Cause: […]
AgentFlayer: Zero-Click ChatGPT Hack

A Single Document, Total Compromise Researchers at Black Hat 2025 revealed a disruptive exploit, AgentFlayer, targeting OpenAI’s ChatGPT Connectors. This “zero-click” vulnerability enables attackers to steal sensitive data from cloud services like Google Drive, SharePoint, GitHub, or Microsoft 365 without any user interaction beyond the upload of a document. How It Works Attack Vector: A “poisoned” document […]