IT Security Newsletter

IT Security Newsletter - 10/27/2025

Written by Cadre | Mon, Oct 27, 2025

Hackers exploiting critical vulnerability in Windows Server Update Service

Security researchers are warning that cyber threat actors are abusing a critical vulnerability in Microsoft Windows Server Update Service. The vulnerability, tracked as CVE-2025-59287, involves deserialization of untrusted data and could allow intruders to execute code without authorization. Researchers at Huntress said they have seen attackers exploiting the vulnerability in four different customers' networks. READ MORE...
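The item above describes a deserialization-of-untrusted-data flaw. As an added illustration (not code from the newsletter, from Microsoft, or from the WSUS code path), the Python block below shows why such bugs lead to code execution and the standard mitigation: a serialized stream may name any importable callable, so a safe loader restricts which module-level names may be resolved. The `ALLOWED` allow-list and the sample payloads are constructed for this example.

```python
import io
import pickle

# Assumed allow-list of (module, name) pairs the loader may resolve.
# Plain data types only; nothing that can run code.
ALLOWED = {
    ("builtins", "dict"),
    ("builtins", "list"),
    ("builtins", "str"),
    ("builtins", "int"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse to resolve any global not explicitly on the allow-list.

    pickle.loads() calls find_class() for every callable named in the
    stream; a default Unpickler imports it, which is how untrusted bytes
    turn into code execution.
    """

    def find_class(self, module, name):
        if (module, name) in ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"global '{module}.{name}' is not permitted"
        )


def safe_loads(data: bytes):
    """Deserialize with the restricted loader; raises on forbidden globals."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_accepted(data: bytes) -> bool:
    """Return True if the stream deserializes under the allow-list."""
    try:
        safe_loads(data)
        return True
    except pickle.UnpicklingError:
        return False


# Constructed input 1: ordinary data, no callables referenced.
benign = pickle.dumps({"status": "ok", "ids": [1, 2, 3]})


class _RefersToGlobal:
    """Constructed object whose pickle stream references a callable.

    os.getcwd is harmless; the point is only that the loader refuses to
    resolve the reference before anything could be invoked.
    """

    def __reduce__(self):
        import os
        return (os.getcwd, ())


# Constructed input 2: a stream naming a callable outside the allow-list.
suspicious = pickle.dumps(_RefersToGlobal())

if __name__ == "__main__":
    print("benign accepted:", is_accepted(benign))        # True
    print("suspicious accepted:", is_accepted(suspicious))  # False
```

The same principle applies regardless of language or format: deserializers that can instantiate arbitrary types should never be pointed at input an external party controls, and where they must be, the set of resolvable types has to be closed before the data is read.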

Fake LastPass death claims used to breach password vaults

LastPass is warning customers of a phishing campaign sending emails with an access request to the password vault as part of a legacy inheritance process. The activity started in mid-October, and the domains and infrastructure used point to a financially motivated threat group called CryptoChameleon (UNC5356). CryptoChameleon employs a phishing kit specializing in cryptocurrency theft, targeting multiple wallets including Binance, Coinbase, Kraken, and Gemini. READ MORE...

Hackers steal Discord accounts with RedTiger-based infostealer

Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and payment information. The malware can also steal credentials stored in the browser, cryptocurrency wallet data, and game accounts. RedTiger is a Python-based penetration testing suite for Windows and Linux that bundles options for scanning networks and cracking passwords, OSINT-related utilities, Discord-focused tools, and a malware builder. READ MORE...

DDoS, data theft, and malware are storming the gaming industry

When the pandemic kept people at home in 2020, millions turned to games for an escape. The surge turned every console, PC, and phone into part of a vast online network. More players meant more logins, payments, and personal data. That created a target larger than the industry had ever faced. Gaming was the most targeted industry for HTTP DDoS attacks in 2024, with Layer 7 incidents rising 94 percent year over year. READ MORE...

Shutdown Sparks 85% Increase in US Government Cyberattacks

Cyberattacks against federal employees have nearly doubled since the US government shut down on Oct. 1. With vital agencies on pause, employees furloughed, and threat activity only ever rising, the federal government and its personnel have possibly never been weaker than they are right now, from a cybersecurity perspective. Predictably, threat actors have noticed. The month of October has seen a surge of meaningful attacks against government workers in limbo. READ MORE...

Sneaky Mermaid attack in Microsoft 365 Copilot steals data

Microsoft fixed a security hole in Microsoft 365 Copilot that allowed attackers to trick the AI assistant into stealing sensitive tenant data - like emails - via indirect prompt injection attacks. The attack uses indirect prompt injection - embedding malicious instructions into a prompt that the model can act upon, as opposed to direct prompt injection, which involves someone directly submitting malicious instructions to an AI system. READ MORE...

$1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal

Much of the cybersecurity community was disappointed to learn on Thursday that a researcher scheduled to demonstrate a $1 million WhatsApp exploit at the Pwn2Own hacking contest had withdrawn from the event, and it appears that those who speculated about the exploit's technical viability were right. A total of more than $1 million was paid out to the researchers who took part in the Pwn2Own Ireland 2025 contest organized this week by Trend Micro's Zero Day Initiative (ZDI). READ MORE...

Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Three critical-severity vulnerabilities in the GutenKit and Hunk Companion WordPress plugins have been exploited in a new campaign, Defiant warns. Mass exploitation of the security defects started on October 8, with roughly 9 million exploit attempts blocked by the WordPress security firm over a two-week period, and follows previously identified large-scale campaigns targeting the same bugs. READ MORE...

Researchers warn of critical flaws in TP-Link routers

Critical flaws in TP-Link Omada and Festa VPN routers could allow attackers to take control of a device, according to a report released Thursday from Forescout Research - Vedere Labs. One vulnerability, tracked as CVE-2025-7850, could enable OS command injection through improper sanitization of user input, according to the researchers. The flaw, which has a severity score of 9.3, in some cases can be exploited without requiring credentials to the device. READ MORE...
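The TP-Link item attributes the flaw to OS command injection via improperly sanitized input. As an added example (not code from the newsletter, from the Forescout report, or from TP-Link firmware), the Python block below contrasts the vulnerable pattern, a command string built from user input and handed to a shell, with two defenses: validating the input against a strict allow-list and passing it as a single argv element so no shell ever parses it. The hostname pattern, the `ping` use case and the sample inputs are constructed for this example; the helper only tokenizes command lines, it does not execute anything.

```python
import re
import shlex

# Assumed allow-list for a hostname field: letters, digits, dots, hyphens.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")


def unsafe_command_line(host: str) -> str:
    """Vulnerable pattern: untrusted input concatenated into a shell string.

    Anything a shell treats as syntax (';', '&&', '|', backticks, ...) in
    `host` becomes part of the command the shell runs.
    """
    return f"ping -c 1 {host}"


def validate_host(host: str) -> bool:
    """Allow-list check: reject anything that is not a plain hostname."""
    return HOSTNAME_RE.fullmatch(host) is not None


def build_argv(host: str) -> list[str]:
    """Hardened pattern: validate, then pass the value as one argv element.

    An argv list given to subprocess.run(..., shell=False) reaches the
    program as a single argument, so shell metacharacters carry no meaning.
    """
    if not validate_host(host):
        raise ValueError(f"rejected host value: {host!r}")
    return ["ping", "-c", "1", host]


def quoted_command_line(host: str) -> str:
    """If a shell string is unavoidable, quote every argument (shlex.join)."""
    return shlex.join(["ping", "-c", "1", host])


def shell_command_count(cmdline: str) -> int:
    """Approximate how many separate commands a POSIX shell would run.

    Tokenizes with shell punctuation awareness and counts command
    separators; used here to show what each construction exposes.
    """
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    separators = {";", "&&", "||", "|", "&"}
    return 1 + sum(1 for tok in lexer if tok in separators)


# Constructed inputs: a legitimate hostname and one carrying shell syntax.
CLEAN = "router.example.net"
TAINTED = "example.com; echo injected"

if __name__ == "__main__":
    print(shell_command_count(unsafe_command_line(TAINTED)))   # 2
    print(shell_command_count(quoted_command_line(TAINTED)))   # 1
    print(build_argv(CLEAN))
    try:
        build_argv(TAINTED)
    except ValueError as exc:
        print("rejected:", exc)
```

For embedded targets written in C the same rule holds: prefer `execv`-style calls with an argument vector over `system()` or `popen()` with a formatted string, and validate the field against what it is supposed to contain rather than trying to strip the characters an attacker might use.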

  • ...in 1809, President James Madison orders the annexation of the western part of West Florida. Settlers there had rebelled against Spanish authority.
  • ...in 1904, the New York subway officially opens, running from the Brooklyn Bridge uptown to Broadway at 145th Street.
  • ...in 1950, author and public speaker Fran Lebowitz ("Metropolitan Life", "Social Studies") is born in Morristown, NJ.
  • ...in 1988, US President Ronald Reagan decides to tear down a new US Embassy in Moscow because Soviet listening devices were built into the structure.