ClickFix
CVE-2025-37734 Medium Elastic Kibana SSRF VULNERABILITY Origin Validation Error in Kibana can lead to Server-Side Request Forgery (SSRF) via a forged Origin HTTP header processed by the Observability AI Assistant. This vulnerability allows attackers to make unauthorized requests from the Kibana server to internal or external resources. Affected Versions • Versions
Microsoft
CVE-2025-46817 Critical Redis Database ≤8.2.1 INTEGER OVERFLOW AUTH REQUIRED Redis versions ≤8.2.1 allow authenticated users to trigger an integer overflow via crafted Lua scripts, potentially leading to remote code execution. The flaw affects all Redis versions with Lua scripting enabled. Mitigation: Update to Redis 8.2.
CrowdStrike
TRENDING TOPICS OCT 09, 2025 CrowdStrike Patches Falcon Sensor Vulnerabilities on Windows CrowdStrike has released fixes for medium-level vulnerabilities in its Falcon sensor for Windows, identified as CVE-2025-42701 and CVE-2025-42706, that could allow attackers with prior code execution to delete arbitrary files and disrupt system stability. The first flaw, a
FileFix
TRENDING TOPICS SEPT 17, 2025 FileFix Campaign Expands Fix Attack Family With StealC Delivery Acronis’ Threat Research Unit has documented the first real-world deployment of FileFix, a successor to the ClickFix social engineering technique. Unlike ClickFix, which tricks users into pasting malicious commands into the Windows Run dialog, FileFix abuses
macOS
TRENDING TOPICS SEPT 08, 2025 Hackers Exploit Fake Microsoft Teams Site to Spread Odyssey macOS Stealer Security researchers have uncovered a large-scale campaign abusing a fraudulent Microsoft Teams download site to distribute the newly identified Odyssey stealer, a macOS malware family with extensive data theft capabilities. Hosted on the domain
Iran
TRENDING TOPICS AUG 26, 2025 Iranian Shipping Crippled Through Maritime Communications Hack In late August 2025, a coordinated cyberattack crippled Iran’s maritime communications, severing satellite links, navigation data, and port coordination for 64 vessels. The operation, attributed to the hacktivist group Lab-Dookhtegan, did not directly breach each ship but
Apple
TRENDING TOPICS AUG 21, 2025 Apple Patches CVE-2025-43300 Zero-Day Exploited in Sophisticated Attacks Apple has released emergency updates to address CVE-2025-43300, a zero-day vulnerability in the Image I/O framework that has been actively exploited in what Apple calls “extremely sophisticated” attacks. The flaw stems from an out-of-bounds write weakness,
Odyssey Stealer
TRENDING TOPICS AUGUST 11, 2025 Odyssey Stealer Targets macOS in Sophisticated ClickFix Campaign In August 2025, researchers at X-Labs uncovered Odyssey Stealer. This macOS-targeting malware builds upon earlier ClickFix phishing techniques to harvest cryptocurrency wallet data, browser credentials, and sensitive personal files. The campaign leverages domains that display fake CAPTCHA
Koske
CVE-2025-25257 Critical FortiClientEMS SQL injection vulnerability in FortiClientEMS versions 7.2.0–7.2.2 and 7.0.1–7.0.10, allowing unauthenticated attackers to perform SQL injection via crafted HTTP requests. Exploitation could lead to unauthorized access, data manipulation, or full system compromise in centralized endpoint management deployments.
Windows UI Automation
TRENDING TOPICS JULY 23, 2025 Update: Coyote Banking Trojan Becomes First to Exploit Windows UI Automation for Credential Theft A newly identified variant of the Coyote banking trojan is the first known malware to exploit Microsoft’s UI Automation (UIA) framework for real-world credential theft, marking a major shift in
UNG0002
TRENDING TOPICS JULY 17, 2025 UNG0002 Deploys ClickFix Technique with Custom RAT Arsenal in Multi-Campaign Operations Cybersecurity researchers at Seqrite Labs have attributed two distinct, technically advanced cyber-espionage campaigns—Operation Cobalt Whisper (May–Sept 2024) and Operation AmberMist (Jan–May 2025)—to a state-aligned Southeast Asian threat actor tracked as
Qilin
TRENDING TOPICS JUNE 18, 2025 Update: Qilin Ransomware Targets Multiple Platforms with Advanced Evasion Techniques Qilin ransomware has rapidly emerged as a highly active and advanced threat, known for targeting a wide array of platforms, including Windows workstations, Linux servers, and VMware ESXi systems. Unlike many other ransomware variants, Qilin