Patch your Apache

Patch your Apache before it mines crypto on your behalf

Security researchers have spotted active exploitation of a new Apache HTTP Server bug, CVE‑2025‑31925 (CVSS 9.4). The flaw lives in the mod_proxy_uwsgi module: a single malicious request can trigger a buffer overflow and let an attacker run commands with the same privileges as Apache. Threat […]


Patch Your Browser Save Your Bacon

Patch Your Browser, Save Your Bacon – Google’s Latest Zero‑Day Fix

Google has rushed out Chrome version 138.0.7204.157/158 to patch six flaws, headlined by CVE‑2025‑6558 (CVSS 8.8). The bug lives in ANGLE/GPU code and lets a malicious web page break out of Chrome’s sandbox—a handy stepping‑stone to full system compromise. Google’s Threat Analysis Group spotted the exploit […]


Golden DMSA Wonka ticket for hackers

“Golden DMSA” – Windows gets its own Wonka ticket for hackers

Security researchers have uncovered a new Windows privilege‑escalation trick dubbed “Golden DMSA.” The technique abuses the Digital Media Streaming Authentication (DMSA) protocol baked into every modern version of Windows. By replaying a single network handshake, an attacker can mint a “golden” DMSA token that Windows happily […]


Sneaking Back Into Fully Patched SonicWalls

UNC6148: The Crew That Keeps Sneaking Back Into “Fully Patched” SonicWall Boxes

Google’s Threat Intelligence Group (GTIG) has linked a campaign against fully-patched yet end-of-life SonicWall SMA 100 series remote-access appliances to a threat cluster it tracks as UNC6148. The attackers are re-entering appliances by using stolen administrator credentials and one-time-password (OTP) seeds lifted during […]


Teams Drops Sneaky Matanbuchus Malware

Fake “IT Help Desk” Teams Calls Drop Sneaky Matanbuchus 3.0 Malware

Researchers have spotted Matanbuchus 3.0, an upgraded malware‑as‑a‑service loader, being pushed through Microsoft Teams calls that pose as helpful IT staff. Targets are tricked into launching Quick Assist, granting attackers remote access so they can run a PowerShell script that drops the loader. Matanbuchus 3.0 boasts […]


Google fix for active Chrome zero-day

Google rushes out fix for active Chrome zero-day

CVE-2025-6554 – a critical vulnerability in Chrome’s V8 engine – is being exploited right now, so Google has released an out-of-band patch.

What happened?

• A type-confusion bug lets an attacker craft a web page that reads or writes arbitrary memory, paving the way for full code […]


Hidden threats in normal traffic

Why “Innocent” Network Traffic May Be Your Biggest Cyber Risk

Threat actors increasingly disguise malicious activity as normal network traffic: 80% of attacks in CrowdStrike’s 2025 report were “malware-free,” relying on credential theft, DLL hijacking and other living-off-the-land tactics. Traditional edge devices and EDR miss much of this traffic—Verizon notes breaches via VPNs and […]


zero-day spree hits Ivanti gateways

Chinese hackers weaponise new Ivanti CSA bugs to hit French public and private sector

Chinese threat group “Houken” (overlapping Google Mandiant’s UNC5174) exploited three zero-day flaws in Ivanti Cloud Services Appliance (CSA) – CVE-2024-8963, CVE-2024-9380 and CVE-2024-8190 – to breach French government, telecoms, media, finance and transport bodies in September 2024. According to France’s cyber-security […]


hidden weaknesses in AI SOC tools

The hidden weaknesses in AI SOC tools

AI-driven Security Operations Centre (SOC) platforms promise faster triage and fewer false alarms, yet most depend on pre-trained models that only recognise a narrow set of threats. These fixed models can’t keep up with today’s constantly shifting alert landscape, forcing analysts back to manual work whenever an unfamiliar […]
