VulnHub

AI-Powered Cybersecurity Intelligence

Latest Intelligence

The Hacker News
Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access

Researchers have identified a critical design flaw in delegated Managed Service Accounts (dMSAs) in Windows Server 2025, which could lead to severe security breaches. This vulnerability allows for cross-domain lateral movement and provides persistent access to managed service accounts and their resources within Active Directory.


Impact: Windows Server 2025

Remediation: Not specified

Windows, Vulnerability


The Hacker News
AI Agents Act Like Employees With Root Access—Here's How to Regain Control

The article highlights the risks associated with deploying AI systems without proper security measures, likening them to junior employees with root access. It emphasizes the need for identity-first security to prevent unauthorized access and control issues as enterprises increasingly adopt generative AI technologies.


Impact: Not specified

Remediation: Implement identity-first security measures


The Hacker News
Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild

Google has released a critical update for Chrome to address six security issues, including a high-severity vulnerability, CVE-2025-6558, which is actively being exploited. This vulnerability involves incorrect validation of untrusted input in the browser's ANGLE and GPU components.


Impact: Chrome web browser

Remediation: Update Chrome to the latest version

CVE, Google, Exploit, Vulnerability, Update


The Hacker News
Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time

Social engineering attacks have evolved significantly, utilizing generative AI and deepfake technology to create highly convincing impersonations of executives and organizations. These sophisticated tactics go beyond simple phishing, posing serious threats to cybersecurity.


Impact: Not specified

Remediation: Not specified

Phishing


The Hacker News
New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

A new variant of the Konfety malware has been identified, which uses the evil twin technique to facilitate ad fraud. This method involves creating a malicious app that shares the same package name as a legitimate app found on the Google Play Store.


Impact: Not specified

Remediation: Not specified

Android, Google


The Hacker News
Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act

Google's AI framework, Big Sleep, identified a critical memory corruption vulnerability in the SQLite database engine before it could be exploited by attackers. The flaw, tracked as CVE-2025-6965, affects all versions of SQLite prior to 3.50.2.


Impact: SQLite database engine

Remediation: Upgrade to SQLite version 3.50.2 or later

CVE, Google, Vulnerability


darkreading
Altered Telegram App Steals Chinese Users' Android Data

Attackers are using over 600 domains to lure Chinese-speaking victims into downloading a compromised version of the Telegram app, which is particularly difficult to detect on older Android devices. This poses a significant risk to the personal data of users who install the vulnerable app.


Impact: Telegram app, Android devices

Remediation: Not specified

Android


darkreading
Lessons Learned From McDonald's Big AI Flub

McDonald's hiring platform faced a significant cybersecurity issue by using default credentials, which led to the exposure of sensitive information belonging to potentially millions of job applicants. This incident highlights the importance of securing access credentials to protect personal data.


Impact: Not specified

Remediation: Change default credentials, implement stronger security measures


darkreading
AI Is Reshaping How Attorneys Practice Law

The article discusses the growing influence of AI in the legal field, emphasizing the need for attorneys to enhance their AI literacy and understand the ethical implications of AI usage. It also highlights the importance of implementing verification protocols to ensure credibility in courtrooms affected by AI technologies.


Impact: Not specified

Remediation: Enhanced AI literacy, training around the ethics of using AI, verification protocols


darkreading
AsyncRAT Spawns Concerning Labyrinth of Forks

AsyncRAT, which emerged on GitHub in 2019, exemplifies the rise of open source malware that has made cybercrime more accessible. Its numerous variants create a complex landscape for cybersecurity efforts.


Impact: Not specified

Remediation: Not specified


darkreading
Attackers Abuse AWS Cloud to Target Southeast Asian Governments

A cyber campaign targeting Southeast Asian governments has been identified, utilizing a new backdoor named HazyBeacon. This campaign leverages legitimate cloud communication channels for command-and-control and data exfiltration, obscuring its malicious activities.


Impact: Not specified

Remediation: Not specified


The Hacker News
Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors

Cloudflare reported a significant increase in hyper-volumetric DDoS attacks, reaching a record high of 7.3 million mitigated attacks in Q2 2025, down from 20.5 million in the previous quarter. The company blocked over 6,500 hyper-volumetric DDoS attacks during this period.


Impact: Not specified

Remediation: Not specified


The Hacker News
Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools

GLOBAL GROUP is a newly emerged ransomware-as-a-service operation that has been active since June 2025, targeting various sectors across multiple countries including Australia, Brazil, Europe, and the United States. The operation is promoted by a threat actor known as '$$$' on the Ramp4u forum.


Impact: Not specified

Remediation: Not specified

Ransomware


darkreading
How Criminal Networks Exploit Insider Vulnerabilities

Criminal networks are evolving rapidly, taking advantage of insider vulnerabilities within companies. The article emphasizes the need for organizations to enhance their defenses to counteract these threats.


Impact: Not specified

Remediation: Not specified

Exploit


darkreading
MITRE Launches AADAPT Framework for Financial Systems

MITRE has introduced the AADAPT framework, which is designed to enhance the detection and response to cyberattacks targeting cryptocurrency assets and financial systems. This new framework is modeled after the existing MITRE ATT&CK framework.


Impact: Not specified

Remediation: Not specified
