‘Cellik’ Android RAT Leverages Google Play Store – Dark Reading
The remote access Trojan lets an attacker remotely control a victim’s phone and can generate malicious apps from inside the Play Store. – Read More
Cyber
Securing the Network Edge: A Comprehensive Framework for Modern Cybersecurity – Dark Reading
The future of cybersecurity means defending everywhere. Securing IoT, cloud, and remote work requires a unified edge-to-cloud strategy. First in a three-part series. – Read More
Securing the Future: Building Quantum-Safe Networks Today – Dark Reading
As quantum computing advances, interoperable standards will be the key to making QKD practical, trusted, and future-proof. – Read More
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances – The Hacker News
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild. The vulnerability,…
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks – The Hacker News
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and…
Attackers Use Stolen AWS Credentials in Cryptomining Campaign – Dark Reading
Threat actors wielding stolen AWS Identity and Access Management (IAM) credentials leverage Amazon EC and EC2 infrastructure across multiple customer environments. – Read More
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign – The Hacker News
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a “sustained” credential-harvesting campaign targeting users of UKRnet, a webmail and news service…
"Fake Proof" and AI Slop Hobble Defenders – Dark Reading
In the React2Shell saga, non-working and trivial proof-of-concept exploits led to confusion and perhaps a false sense of security. Can the onslaught of PoCs be tamed? – Read More
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails – The Hacker News
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky. The Russian cybersecurity vendor said it…
JumpCloud agent turns uninstall into a system shortcut – CSO Online
JumpCloud’s Remote Assist for Windows agent contained a critical local privilege escalation flaw, allowing full system compromise. Disclosed by XM Cyber, the vulnerability stems from insecure file operations during uninstall…
Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time – The Hacker News
Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for their business.…
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware – The Hacker News
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and…
Russische APT-Gruppe greift westliche KRITIS-Betreiber an – CSO Online
Eine russische Cyberspionage-Kampagne zielt auf Energieversorger. Evgeny_V – shutterstock.com Das Team von Amazon Threat Intelligence stellte fest, dass eine vom russischen Staat geförderte Cyberspionagegruppe vermehrt Energieunternehmen und Anbieter kritischer Infrastrukturen…
Telekom startet System gegen Betrugsanrufe – CSO Online
Der Call Check der Deutschen Telekom soll Smartphone-Kunden künftig vor betrügerischen Anrufen schützen. Sandwish Studio – shutterstock.com Jemand ruft an, die Nummer ist im eigenen Adressbuch nicht eingespeichert. Egal, man…
GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads – The Hacker News
A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code, and…