Active Directory Under Siege

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security The piece argues that Active Directory remains the crown-jewel target across enterprises and critical infrastructure. Complexity, legacy protocols and slow patch cycles (including a major 2025 privilege-escalation flaw) keep AD vulnerable. It recommends identity-first Zero Trust, privileged access tiering, hardening Kerberos/NTLM, rapid patching of domain […]


CISA Flags Critical WatchGuard Flaw

CISA Flags Critical WatchGuard Fireware Flaw (CVE-2025-9242) CISA added CVE-2025-9242 to its KEV catalogue, warning that 54,000+ WatchGuard Fireboxes are exposed. The flaw is an out-of-bounds write in the iked process that can enable unauthenticated remote code execution. Affected Fireware versions span 11.10.2–11.12.4_U1, 12.0–12.11.3 and 2025.1. WatchGuard patched in September; agencies and enterprises should update, […]
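A quick fleet triage for the ranges above, as an added example (not code from CISA, WatchGuard or the linked article): it parses Fireware OS version strings, checks them against the three affected ranges the summary states, and classifies a constructed inventory of hostnames and versions. Only the ranges on this page are encoded; the build-tag format in parentheses and the sample hostnames/versions are assumptions. A version outside the stated ranges is reported as "not in a stated affected range", which is not the same as "patched", and because the 12.x range is coarse, any branch-specific fixed build the summary does not list would still be flagged; treat every flag as "verify against the vendor advisory".

```python
import re
from typing import List, Tuple

# Added example, not CISA or WatchGuard code. It encodes only the affected
# Fireware OS ranges stated in the summary for CVE-2025-9242 (inclusive bounds):
# 11.10.2 through 11.12.4_Update1, 12.0 through 12.11.3, and 2025.1.

VersionKey = Tuple[int, int, int, int]   # (major, minor, patch, update)

_VERSION_RE = re.compile(
    r"""^\s*
        (?P<nums>\d+(?:\.\d+){0,2})             # dotted numeric part: 12.11.3 or 2025.1
        (?:[_ ]?(?:U|Update)\s?(?P<upd>\d+))?   # optional update suffix: _U1, _Update1, Update 1
        (?:\s*\(B\d+\))?                         # optional build tag like (B123456); assumed format
        \s*$""",
    re.IGNORECASE | re.VERBOSE,
)


def parse_version(text: str) -> VersionKey:
    """Parse a Fireware version string into a comparable (major, minor, patch, update) tuple."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised Fireware version string: {text!r}")
    parts = [int(p) for p in m.group("nums").split(".")]
    parts += [0] * (3 - len(parts))              # "12.0" -> 12.0.0, "2025.1" -> 2025.1.0
    update = int(m.group("upd") or 0)
    return (parts[0], parts[1], parts[2], update)


# Inclusive ranges exactly as the summary states them.
AFFECTED_RANGES = [
    (parse_version("11.10.2"), parse_version("11.12.4_Update1")),
    (parse_version("12.0"),    parse_version("12.11.3")),
    (parse_version("2025.1"),  parse_version("2025.1")),
]


def in_stated_affected_range(version: str) -> bool:
    """True if the version falls inside one of the stated affected ranges."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if v < lo:
            continue
        # When the upper bound names no Update level, any Update of that same base
        # version (e.g. 12.11.3_U1) is still treated as inside the range: err on the
        # side of flagging and let the vendor advisory settle it.
        inside = v <= hi if hi[3] else v[:3] <= hi[:3]
        if inside:
            return True
    return False


def assess_inventory(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Classify 'hostname<whitespace>version' lines; blank lines and '#' comments are skipped."""
    results = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, ver = line.split(None, 1)
        try:
            status = "AFFECTED" if in_stated_affected_range(ver) else "NOT-IN-STATED-RANGE"
        except ValueError:
            status = "UNPARSEABLE"
        results.append((host, ver.strip(), status))
    return results


# Constructed sample inventory; hostnames, versions and the build tag are made up.
SAMPLE_INVENTORY = """
# host            fireware version
fw-edge-01        12.11.3
fw-edge-02        12.11.4
fw-branch-07      11.12.4_Update1
fw-branch-08      11.10.1
fw-lab-01         2025.1
fw-lab-02         2025.1.1
fw-legacy-03      12.3.1_Update3 (B700000)
"""

if __name__ == "__main__":
    for host, ver, status in assess_inventory(SAMPLE_INVENTORY.splitlines()):
        print(f"{host:<14} {ver:<28} {status}")
```

Feed it the output of your own asset inventory (one host and version per line) and review every AFFECTED row against the vendor's fixed-build list for that hardware line before deciding it still needs the September update.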


Chinese Hackers Use AI to Launch Automated Espionage

Chinese Hackers Use Anthropic’s AI to Launch Automated Espionage Anthropic reports China-linked actors abused its AI (Claude) to run a largely automated cyber-espionage campaign against ~30 organisations in September 2025. Researchers say 80–90% of operations were automated, with AI assisting reconnaissance, exploitation and data handling. Some intrusions succeeded before detection and disruption. The incident spotlights […]


Iranian Hackers Launch Spy Operation

Iranian Hackers Launch ‘SpearSpecter’ Spy Operation (APT42) Iran-linked APT42 is running “SpearSpecter,” a spear-phishing and social-engineering campaign against high-value defence and government officials, sometimes extending to family members. Lures include conference invites and meeting requests. The operation uses personalised pretexts and custom tooling (e.g., TAMECAT) to gather credentials and maintain access. The Israel National Digital […]


Dragon Breath Uses RONINGLOADER

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT Elastic observed the Dragon Breath group using RONINGLOADER, a multi-stage loader inside trojanised NSIS installers, to disable endpoint security (including Microsoft Defender via PPL/EDR-Freeze tricks) and deploy a modified Gh0st RAT. The loader kills AV processes, abuses drivers, tampers with firewalls, and side-loads […]


5 Reasons Attackers Are Phishing Over LinkedIn

5 Reasons Why Attackers Are Phishing Over LinkedIn The Hacker News explains why phishing is booming on LinkedIn and other non-email channels. Attackers like LinkedIn because it bypasses email security, is cheap and scalable, enables convincing impersonation, and supports long-game social engineering with credible profiles and DMs. Metrics undercount the problem because most controls (and […]


YouTube Videos as Malware Traps

3,000 YouTube Videos as Malware Traps (“YouTube Ghost Network”) Check Point uncovered a YouTube Ghost Network of compromised accounts pushing over 3,000 malicious videos since 2021, with volumes tripling in 2025. Content focuses on cracked software and Roblox cheats, luring users to malware via links (MediaFire/Drive/Google Sites/Blogger/Telegraph), often masked by shorteners. The operation uses role-based […]


ChatGPT Atlas Browser Exploit

ChatGPT Atlas Browser “Tainted Memories” Exploit LayerX researchers detail a CSRF-based attack against ChatGPT Atlas that writes malicious instructions into the browser’s persistent memory. The tainted memory persists across sessions/devices, enabling later code execution, privilege escalation, or data theft when normal prompts are run. The chain: user logged in → lure link → CSRF memory […]


Exploit Crashes Chromium Browsers

One naughty URL, and your Chromium browser keels over A bug in Chromium’s Blink engine, dubbed Brash, can crash Chromium-based browsers within seconds via a crafted URL. The issue abuses the lack of rate-limiting on document.title updates, flooding the DOM with millions of mutations per second. The three-stage attack—hash preparation, burst injection, UI thread saturation—freezes […]
