News

ASUS Patches RCE Bugs in DriverHub

The two vulnerabilities can be chained together to gain RCE

Russian COLDRIVER Threat Group Using New LOSTKEYS Malware

The new malware is called LOSTKEYS and is designed to steal files from a number of different directories

CISA Warns of OT Attacks By Lower-Level Adversaries

In a new advisory, the agencies–including the Environmental Protection Agency and Department of Energy–said that they are seeing an uptick in the number of attacks against OT networks by non-APT teams

Commvault CVE-2025-3928 Targeted by Attackers

Microsoft alerted the company to the issue in February

ASUS Warns of Critical Auth Bypass Flaw

The vulnerability is in the AiCloud feature in some ASUS routers, which is designed to enable users to share and manage their files across devices

Apple Fixes Two Zero Days in iOS

Attackers Target FortiGate Devices With New Post-Exploit Technique

Critical Fortinet Flaw Allows Remote, Unauthenticated Admin Password Change

The vulnerability has a CVSS score of 9.8 and is obviously rated as critical.

Ivanti CVE-2025-22457 Under Active Attack

The vulnerability affects many versions of Ivanti appliances and is being exploited by a Chinese actor

Tax Season Phishing 2025 - Full Threat Breakdown

Threat actors are exploiting the 2025 tax season with phishing campaigns delivering malware like BRc4, Latrodectus, Remcos, and more. Here's how attackers are using IRS lures, QR codes, and PhaaS platforms to breach U.S. organizations.

CISA Warns of RESURGE Malware Targeting Ivanti Appliances

The Phishing Pages That Could Get You Killed

A phishing operation tied to Russian intelligence mimics Ukrainian paramilitary recruitment pages to unmask citizens opposing the war. Search engines helped rank the fakes — exposing users to surveillance, arrest, or worse.