OpenAI and Sora to Harvest Credentials

A recent phishing campaign is exploiting users’ trust in popular AI services by impersonating OpenAI and the new Sora portals. Attackers send convincing account alerts that direct recipients to fake login pages. Once credentials are entered, a stealthy JavaScript loader runs inside the browser, captures the credentials, exfiltrates them to a command-and-control server, then redirects […]
RondoDox Botnet Escalates

The Latest Intelligence: Researchers are raising the alarm over the RondoDox botnet, which has aggressively expanded its arsenal to exploit more than 50 security flaws across 30+ vendors. This “exploit shotgun” approach targets a wide range of internet-facing devices, from routers and DVRs to CCTV systems and web servers. Originally observed in mid-2025 via attacks against TP-Link […]
Stealit Malware

Cybersecurity researchers are sounding the alarm over a sophisticated malware campaign dubbed Stealit, which is actively targeting Windows systems. The threat leverages Node.js’s Single Executable Application (SEA) feature to disguise its payloads, allowing it to run on machines without requiring a full Node.js runtime installation. Stealit is being distributed via fake installers masquerading as popular games […]
Windows 11 “Update and Shut Down”

What Was the Issue? Microsoft has addressed a longstanding flaw in Windows 11 where the “Update and Shut Down” option often failed to power off the PC as promised. Instead of shutting down, the system would apply updates and reboot, leaving the machine running unexpectedly. This behavior emerged soon after the release of Windows 11 and […]
SonicWall SSL VPN Compromise

A Serious Breach Uncovered: Security firm Huntress has raised the alarm over a large-scale breach targeting SonicWall SSL VPN devices. Over 100 accounts across 16 customer environments were compromised beginning October 4, 2025, with unauthorized logins traced to a single external IP address. In some incidents, attackers quietly disconnected after minimal access. In others, they […]
MS Teams as an Attack Vector

In October 2025, Google’s Threat Intelligence Group and Mandiant revealed a sophisticated campaign targeting organizations using Oracle’s E-Business Suite (EBS). Dozens of companies were compromised via a zero-day flaw (CVE-2025-61882, CVSS 9.8), with intrusion activity traced back to August 2025. While the full breadth of damage is still under investigation, the breach displays classic extortion […]
MS Teams as an Attack Vector

The Threat Landscape: Recent reports reveal that threat actors are abusing Microsoft Teams in novel and concerning ways. Rather than just targeting endpoints or networks, adversaries are leveraging Teams for extortion, social engineering, and bypassing Multi-Factor Authentication (MFA). This shift underscores a broader trend: platforms once considered “trusted” can themselves become weapons in attackers’ arsenals. […]
Weaponizing Generative Tools

In the first half of 2025, Russian threat actors escalated their AI-driven cyber operations against Ukraine, turning generative models from novelty tools into potent weapons for phishing and malware. The Ukrainian State Service for Special Communications (SSSCIP) reported over 3,000 cyber incidents during this period, a sharp uptick from the latter half of 2024. These attacks […]
When AI Tools Are Misused

OpenAI recently took a bold step: it banned a number of ChatGPT accounts connected to Chinese (and also some Russian) entities that were using the platform for surveillance, phishing, and malware development. The company’s findings came from its public threat intelligence reports, and they highlight a growing concern in the AI era: how powerful tools […]
Redis’s 13-Year “Sleeping” Flaw

In October 2025, a startling revelation emerged: a use-after-free vulnerability, present in Redis for an estimated 13 years, has now been classified with a CVSS score of 10.0. Known as CVE-2025-49844 (or “RediShell”), this flaw allows an authenticated attacker to craft a malicious Lua script that breaks out of Redis’s Lua sandbox and executes arbitrary native code on […]