CoPhish
TRENDING TOPICS OCT 27, 2025 CoPhish Exploit Abuses Copilot Studio to Steal OAuth Tokens and Bypass Cloud Defenses Researchers have discovered a new phishing technique, named CoPhish, that abuses Microsoft Copilot Studio to steal OAuth tokens and hijack user accounts. The attack takes advantage of the trust users place in
UNC6229
CVE-2025-6950 Critical Moxa Network Appliances HARDCODED SECRET KEY TOKEN FORGERY Moxa network appliances use a hard-coded secret key to sign JSON Web Tokens (JWT), allowing attackers to forge valid authentication tokens and gain full administrative control over affected devices without any valid credentials. Mitigation: Update firmware immediately, rotate all JWT
DeskRAT
TRENDING TOPICS OCT 23, 2025 DeskRAT Campaign: Targeted Phishing Against Indian Government Linux Systems New evidence and infrastructure linked to the TransparentTribe operation continue to surface, confirming that the campaign remains active and evolving beyond its initial discovery in mid-2025. TransparentTribe (APT36), a Pakistan-aligned threat group, conducted a focused phishing
SQL Server Attack Techniques Common Adversary Tactics, Techniques, and Procedures Credential Compromise and Brute-Force Access Attackers obtain valid SQL authentication through credential stuffing, password spraying, or successful exploitation of web-facing applications that expose SQL endpoints. Once authenticated, attackers attempt privilege escalation to SYSADMIN and begin configuration changes. Attack Impact Enables
Microsoft 365
TRENDING TOPICS OCT 22, 2025 Microsoft 365 Copilot Attack Enables Data Exfiltration via Malicious Mermaid Diagrams A newly discovered attack in Microsoft 365 Copilot enabled attackers to exploit the AI assistant’s integration with Mermaid diagrams to exfiltrate sensitive tenant data. The flaw leveraged an indirect prompt injection hidden inside
AWS
TRENDING TOPICS OCT 21, 2025 Update: AWS Restores Services Caused by DNS Resolution Failure Amazon Web Services (AWS) suffered a prolonged outage across its US-EAST-1 region beginning late on October 19, 2025, and lasting nearly 24 hours, disrupting more than 140 services and impacting users worldwide. The issue originated from
CVE-2025-59483 Critical Severity File path handling flaw that allows arbitrary file upload and remote code execution through the BIG-IP Configuration Utility. Enables full system compromise if the interface is Internet-accessible. Attack Vector Details Arbitrary file upload capability through misconfigured path handling Remote code execution via BIG-IP Configuration Utility Internet-accessible management
AWS
TRENDING TOPICS OCT 20, 2025 Significant AWS Outage Causes Widespread Internet Disruption Across Global Services In the early hours of October 20, 2025, Amazon Web Services (AWS) experienced a severe outage affecting multiple regions, with the US-EAST-1 Region at the epicenter. The disruption triggered widespread downtime across major online platforms,
Unmanaged Accounts and Shadow AI Use Critical Employees frequently use personal or unsanctioned accounts to access AI tools. These accounts operate outside corporate identity systems and lack logging, retention, or policy enforcement. The result is unmonitored data transfers into systems the organization neither owns nor audits. 77% of employees have
Microsoft
CVE-2025-46817 Critical Redis Database ≤8.2.1 INTEGER OVERFLOW AUTH REQUIRED Redis versions ≤8.2.1 allow authenticated users to trigger an integer overflow via crafted Lua scripts, potentially leading to remote code execution. The flaw affects all Redis versions with Lua scripting enabled. Mitigation: Update to Redis 8.2.
Qilin
TRENDING TOPICS OCT 16, 2025 Qilin Ransomware: Bulletproof Hosting Fuels High-Impact RaaS Campaigns Qilin has matured from a mid-2022 affiliate operation into a sophisticated ransomware-as-a-service platform that outfits affiliates with a polished web panel, phishing toolkits, RMM exploits, and double-extortion workflows. Its developers maintain the ransomware codebase in Golang and
TigerJack
CVE-2025-59218 Critical Azure Entra ID AUTH BYPASS Azure Entra ID vulnerability (CVSS 9.6) allowing authentication bypass or privilege escalation within identity services. CVE-2025-59236 Critical Microsoft Excel USE-AFTER-FREE Use-after-free in Microsoft Excel enabling arbitrary code execution when a user opens a malicious document. CVE-2025-59246 Critical Azure Entra ID PRIVILEGE ESCALATION