Zeljka Zorz
BlackLock ransomware onslaught: What to expect and how to fight it
BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active …
The XCSSET info-stealing malware is back, targeting macOS users and devs
A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in …
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, …
Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme
Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of …
Threat actors are using legitimate Microsoft feature to compromise M365 accounts
Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) …
North Korean hackers spotted using ClickFix tactic to deliver malware
North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called …
Sandworm APT’s initial access subgroup hits organizations accross the globe
A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is …
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)
Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept …
Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under …
8Base ransomware group leaders arrested, leak site seized
The Thai police has arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they …
Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)
Users of iPhones and iPads that run iOS/iPadOS 18 and iPadOS 17 are urged to implement the latest updates to plug a security feature bypass vulnerability (CVE-2025-24200) …
Malicious ML models found on Hugging Face Hub
Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. …
Featured news
Resources
Don't miss
- Cozy Bear targets EU diplomats with wine-tasting invites (again)
- Funding uncertainty may spell the end of MITRE’s CVE program
- When companies merge, so do their cyber threats
- Strategic AI readiness for cybersecurity: From hype to reality
- Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques