Initial Unauthenticated Reach Stage 1 Operators send crafted HTTP(S) requests that usually require authentication to access restricted endpoints. This stage is used to elicit application behavior, fingerprint server-side logic, expose tokens/cookies, or session metadata, and sometimes to trigger session leakage or predictable error responses that can be
XWorm
TRENDING TOPICS OCT 06, 2025 Oracle E-Business Suite Zero-Day Exploited in Widespread Cl0p Attacks Oracle has issued an emergency security update addressing a critical vulnerability in its E-Business Suite, tracked as CVE-2025-61882, after evidence showed active exploitation by the Cl0p ransomware group. The flaw, rated
UAT-8099
CVE-2025-20333 Critical Cisco ASA / FTD VPN ROOT CODE EXECUTION AUTH REQUIRED A flaw in Cisco ASA and FTD VPN web servers allows authenticated attackers with valid credentials to execute arbitrary code as root by sending crafted HTTPS requests. Exploitation could lead to complete system takeover and persistent access.
Microsoft
TRENDING TOPICS OCT 02, 2025 Microsoft Investigates Classic Outlook Bug Blocking Access to Mailboxes Microsoft is currently investigating a major issue affecting the classic Outlook desktop client on Windows, which is preventing users from accessing their email accounts. Identified in late September 2025, this issue affects individuals who encounter repeated
Monthly Wrap
MONTHLY WRAP MONTHLY WRAP Overview September 2025 reinforced a dual-track threat: commercialized crime operations scaled rapidly while state-aligned espionage refined targeted tradecraft. Attackers weaponized trusted ecosystems—search engines, CI/CD pipelines, collaboration platforms, package registries, cloud metadata
FlipSwitch
TRENDING TOPICS OCT 01, 2025 New FlipSwitch Hooking Method Overcomes Linux Kernel Defenses A newly discovered rootkit technique known as FlipSwitch has reintroduced stealthy syscall hooking on Linux systems by targeting the compiled syscall dispatcher in kernel 6.9. Unlike earlier rootkits that modified the sys_call_table, FlipSwitch scans
AI
TRENDING TOPICS SEPT 30, 2025 Fake AI Browser Extensions Stealing Data Through Chrome Cybercriminals are capitalizing on the growing interest in AI tools by creating malicious Chrome extensions that impersonate popular services, including ChatGPT, Claude, Perplexity, and Meta’s Llama. These extensions trick users by offering AI prompt capabilities directly
Microsoft Teams
TRENDING TOPICS SEPT 29, 2025 Hackers Exploit Weaponized Microsoft Teams Installer to Deploy Oyster Malware Researchers have found that a malvertising campaign is distributing a weaponized Microsoft Teams installer to deliver the Oyster backdoor, also known as Broomstick or CleanUpLoader. The campaign begins with SEO poisoning of Bing search results,
Cloud-based Runtime Generation MalTerminal Malware makes API calls to a remote LLM (e.g., GPT-4) to generate ransomware or remote access payloads in real time. This offloads malicious logic to the cloud, reducing what defenders can see on disk. Attack Mechanism Remote API calls to cloud-based LLMs
XCSSET
CVE-2025-21043 Critical Samsung libimagecodec.quram.so OUT-OF-BOUNDS WRITE REMOTE ATTACK Out-of-bounds write vulnerability in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 enables remote attackers to execute arbitrary code on affected Samsung devices without user interaction or authentication requirements. Mitigation: Apply Samsung&
PyPI
TRENDING TOPICS SEPT 25, 2025 Renewed Phishing Campaign Puts Python Package Maintainers at Risk A new wave of phishing attacks is circulating across the Python developer community, targeting PyPI maintainers once again. The scheme relies on domain confusion, with attackers registering look-alike websites to lure users into entering their
1 High Severity 3 Medium Severity 4 Total CVEs CVE-2025-40300 High Severity x86/vmscape Hypervisor VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor. Since it is the userspace that consumes the poisoned branch predictors, conditionally issue an IBPB after