Latest Intelligence
Citrix Gear Under Active Attack Again With Another Zero-Day
Citrix has disclosed a zero-day vulnerability affecting its NetScaler ADC and NetScaler Gateway technologies. This is part of a series of three flaws identified by the company.
Malicious Scanning Waves Slam Remote Desktop Services
Researchers have observed a significant increase in coordinated scanning of Microsoft Remote Desktop Protocol (RDP) services, suggesting the potential discovery of a new vulnerability that has not yet been disclosed. This spike in activity raises concerns about the security of systems utilizing RDP.
Data I/O Becomes Latest Ransomware Attack Victim
Data I/O has fallen victim to a ransomware attack, resulting in outages across various operations of the tech company. The full extent of the breach remains unclear.
Hook Android Trojan Now Delivers Ransomware-Style Attacks
The article discusses the evolution of the Hook Android Trojan, which now includes features for taking over smartphones and monitoring user activity. This malware is being distributed via GitHub, highlighting ongoing cybersecurity threats.
Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775
Citrix has issued patches for three security vulnerabilities in its NetScaler ADC and NetScaler Gateway products, one of which is currently being exploited in the wild. The most critical vulnerability, CVE-2025-7775, has a CVSS score of 9.2 and could lead to remote code execution or denial-of-service.
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
A new attack method called Sni5Gect has been developed by researchers at the Singapore University of Technology and Design, which allows for the downgrading of 5G connections to 4G without the need for a rogue base station. This attack demonstrates a significant vulnerability in 5G network security.
The Hidden Risk of Consumer Devices in the Hybrid Workforce
The article highlights the importance of addressing uncontrolled variables in threat models to prevent attackers from exploiting vulnerabilities in consumer devices. It emphasizes that without proper accounting for these risks, the weakest links in security will continue to be targeted.
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers have identified a social engineering campaign targeting supply chain manufacturers with a malware known as MixShell. This campaign, codenamed ZipLine, utilizes a unique method of contact through public 'Contact Us' forms instead of traditional phishing emails.
INVT VT-Designer and HMITool
The INVT VT-Designer and HMITool have multiple vulnerabilities that allow remote attackers to execute arbitrary code due to out-of-bounds write issues. These vulnerabilities require user interaction to exploit, such as visiting a malicious page or opening a malicious file.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added a new vulnerability, CVE-2025-7775, related to Citrix NetScaler, to its Known Exploited Vulnerabilities Catalog due to active exploitation evidence. This vulnerability represents a significant risk to federal networks, prompting CISA to urge timely remediation across all organizations.
Schneider Electric Modicon M340 Controller and Communication Modules
Schneider Electric's Modicon M340 and associated communication modules have a vulnerability due to improper input validation, which could allow attackers to cause a denial-of-service condition. The vulnerability, tracked as CVE-2025-6625, affects multiple versions of the Modicon M340 products and requires immediate attention to mitigate risks.
CISA Releases Three Industrial Control Systems Advisories
CISA has released three advisories addressing vulnerabilities in Industrial Control Systems (ICS) to inform users about security issues and potential exploits. These advisories highlight specific products and provide guidance on mitigation strategies.
Docker Desktop Vulnerability Leads to Host Compromise
A critical vulnerability in Docker Desktop has been identified, allowing attackers to gain administrative access by modifying the filesystem of Windows hosts. This poses a significant security risk for users of the software.
AI Systems Vulnerable to Prompt Injection via Image Scaling Attack
Researchers have discovered that popular AI systems can be manipulated through a technique called prompt injection, where malicious instructions are concealed within images. This vulnerability poses significant risks as it allows attackers to exploit AI systems without detection.
Hundreds of Thousands Affected by Auchan Data Breach
Auchan has confirmed that a data breach has resulted in the theft of personal information belonging to hundreds of thousands of customers. This incident raises concerns about the security of customer data and the potential for misuse.