Patch your SharePoint, or it’ll patch you Microsoft has rushed out emergency patches for CVE‑2025‑53770, a critical (CVSS 9.8) remote‑code‑execution flaw in on‑premises SharePoint Server. The bug, triggered by unsafe deserialisation in the machineAccountCheck function, is already being weaponised in the wild—at least 54 organisations have been hit, including banks, universities and government bodies. A related spoofing […]
Hackers Turn GitHub into a Free Malware Hotel Researchers have spotted cyber‑crooks abusing public GitHub repositories as free, trustworthy‑looking hosting for malware. The gang, nicknamed “GrokRAT” by Trend Micro, uploads innocent‑looking projects that actually hide an encrypted Remote‑Access Trojan. Victims receive a phishing email with a link to the repo’s raw file; a PowerShell one‑liner […]
Patch your Apache before it mines crypto on your behalf Security researchers have spotted active exploitation of a new Apache HTTP Server bug, CVE‑2025‑31925 (CVSS 9.4). The flaw lives in the mod_proxy_uwsgi module: a single malicious request can trigger a buffer overflow and lets an attacker run commands with the same privileges as Apache. Threat […]
Patch Your Browser, Save Your Bacon – Google’s Latest Zero‑Day Fix Google has rushed out Chrome version 138.0.7204.157/158 to patch six flaws, headlined by CVE‑2025‑6558 (CVSS 8.8). The bug lives in ANGLE/GPU code and lets a malicious web page break out of Chrome’s sandbox—a handy stepping‑stone to full system compromise. Google’s Threat Analysis Group spotted the exploit […]
“Golden DMSA” – Windows gets its own Wonka ticket for hackers Security researchers have uncovered a new Windows privilege‑escalation trick dubbed “Golden DMSA.” The technique abuses the Digital Media Streaming Authentication (DMSA) protocol baked into every modern version of Windows. By replaying a single network handshake, an attacker can mint a “golden” DMSA token that Windows happily […]
UNC6148: The Crew That Keeps Sneaking Back Into “Fully Patched” SonicWall Boxes Google’s Threat Intelligence Group (GTIG) has linked a campaign against fully-patched yet end-of-life SonicWall SMA 100 series remote-access appliances to a threat cluster it tracks as UNC6148. The attackers are re-entering appliances by using stolen administrator credentials and one-time-password (OTP) seeds lifted during […]
Fake “IT Help Desk” Teams Calls Drop Sneaky Matanbuchus 3.0 Malware Researchers have spotted Matanbuchus 3.0, an upgraded malware‑as‑a‑service loader, being pushed through Microsoft Teams calls that pose as helpful IT staff. Targets are tricked into launching Quick Assist, granting attackers remote access so they can run a PowerShell script that drops the loader. Matanbuchus 3.0 boasts […]
Google rushes out fix for active Chrome zero-day CVE-2025-6554 – a critical vulnerability in Chrome’s V8 engine – is being exploited right now, so Google has released an out-of-band patch. What happened? • A type-confusion bug lets an attacker craft a web page that reads or writes arbitrary memory, paving the way for full code […]
Why “Innocent” Network Traffic May Be Your Biggest Cyber Risk Threat actors increasingly disguise malicious activity as normal network traffic: 80 % of attacks in CrowdStrike’s 2025 report were “malware-free,” relying on credential theft, DLL hijacking and other living-off-the-land tactics. Traditional edge devices and EDR miss much of this traffic—Verizon notes breaches via VPNs and […]
