Latest Intelligence
Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages
Cybercriminals are using the ClickFix social engineering tactic to deploy a backdoor known as CORNFLAKE.V3. This method involves fake CAPTCHA pages to deceive users into granting access to their systems.
Telecom Firm Colt Confirms Data Breach as Ransomware Group Auctions Files
Colt Technology Services has confirmed a data breach resulting from a ransomware attack that included the theft of data. The company is currently focused on restoring the disrupted systems.
Apple Patches Zero-Day Flaw Used in 'Sophisticated' Attack
Apple has patched a zero-day vulnerability, identified as CVE-2025-43300, which was exploited in sophisticated cyberattacks targeting specific individuals. This indicates potential involvement of spyware or nation-state hacking.
Prepping the Front Line for MFA Social Engineering Attacks
The article emphasizes the ongoing evolution of attackers targeting help desks, particularly through MFA social engineering attacks. It suggests that with appropriate training and support, frontline agents can become significant assets in enhancing security.
Tailing Hackers, Columbia University Uses Logging to Improve Security
Columbia University logged netflows to gain insight into the tactics that state-sponsored hackers employed during a breach targeting its research labs. The approach highlights the importance of logging for improving security.
DARPA: Closing the Open Source Security Gap With AI
DARPA's Kathleen Fisher highlighted the AI Cyber Challenge at DEF CON 33, emphasizing how automation can effectively address and patch cybersecurity vulnerabilities on a large scale. The initiative aims to close the open source security gap using artificial intelligence.
Scattered Spider Hacker Sentenced to Prison
Noah Urban has been sentenced to 10 years in prison for his involvement in the cybercriminal group Scattered Spider. The group is notorious for its cybercrime activity.
Password Managers Vulnerable to Data Theft via Clickjacking
A researcher has found that nearly a dozen password managers are vulnerable to clickjacking attacks, which could lead to data theft. This highlights a significant security issue within these widely used applications.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added a new vulnerability, CVE-2025-43300, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability affects Apple iOS, iPadOS, and macOS and poses significant risks to federal networks.
Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module
Mitsubishi Electric Corporation's MELSEC iQ-F Series CPU module has a vulnerability due to improper handling of length parameter inconsistency, which could allow remote attackers to disrupt the Web server function. This vulnerability has been assigned CVE-2025-5514 and has a CVSS score of 5.3.
CISA Releases Three Industrial Control Systems Advisories
CISA has issued three advisories regarding vulnerabilities in Industrial Control Systems (ICS) as of August 21, 2025. These advisories highlight security issues and provide guidance on mitigations for affected products.
FUJIFILM Healthcare Americas Synapse Mobility
FUJIFILM Healthcare Americas Synapse Mobility has a vulnerability that allows for privilege escalation through external control of web parameters, potentially enabling unauthorized access to sensitive information. Users are advised to upgrade to version 8.2 or later to mitigate the risk associated with this vulnerability.
Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI
Russian state-sponsored hackers known as Static Tundra are exploiting CVE-2018-0171, a vulnerability in Cisco devices that has been known for seven years. This highlights the ongoing risk posed by old vulnerabilities in widely used network equipment.
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
Researchers have identified a new malware loader named QuirkyLoader, which has been actively used since November 2024 to distribute various types of malware through email spam campaigns. This loader facilitates the delivery of several malicious payloads, including information stealers and remote access trojans.
Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025
The Blue Report 2025 highlights that many organizations are still vulnerable to attacks stemming from weak passwords and compromised accounts, despite being aware of these threats. It emphasizes that these types of attacks are often more impactful than advanced techniques used by adversaries.