by Beck Bailey | Aug 30, 2025 | RSS
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes....
by Beck Bailey | Aug 30, 2025 | RSS
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS...
by Beck Bailey | Aug 29, 2025 | RSS
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The flaws, per watchTowr Labs, are listed below – CVE-2025-53693 – HTML cache...
by Beck Bailey | Aug 29, 2025 | RSS
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect...
by Beck Bailey | Aug 29, 2025 | RSS
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across...
Recent Comments