⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More

14/04/2025 0 Comments 0 tags

Attackers aren’t waiting for patches anymore — they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected

Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind

14/04/2025 0 Comments 0 tags

AI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile,

Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT

14/04/2025 0 Comments 0 tags

A threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

11/04/2025 0 Comments 0 tags

Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was

Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors

11/04/2025 0 Comments 0 tags

The threat actor known as Paper Werewolf has been observed exclusively targeting Russian entities with a new implant called PowerModul. The activity, which took place between July and December 2024,

Initial Access Brokers Shift Tactics, Selling More for Less

11/04/2025 0 Comments 0 tags

What are IABs? Initial Access Brokers (IABs) specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps

11/04/2025 0 Comments 0 tags

Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites masquerade as

Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways

11/04/2025 0 Comments 0 tags

Palo Alto Networks has revealed that it’s observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning activity targeting its

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

11/04/2025 0 Comments 0 tags

A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1),

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

10/04/2025 0 Comments 0 tags

Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at