Marco Stealer is a sophisticated information stealer targeting browser data, cryptocurrency wallets, and sensitive files. It employs advanced anti-analysis techniques and uses AES-256 encryption for secure C2 communication.

La Sapienza University, Europe's largest by in-campus students, has been hit by a ransomware attack attributed to the pro-Russian group Femwar02. The attack has led to significant disruptions, with IT systems offline and data encrypted.

The AISURU/Kimwolf botnet has launched a record-setting DDoS attack, peaking at 31.4 Tbps. This attack is part of a significant increase in DDoS activity in 2025, with Cloudflare mitigating over 47.1 million attacks throughout the year.

CISA has added two vulnerabilities, CVE-2025-11953 and CVE-2026-24423, to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are actively exploited and pose significant risks to federal enterprises.

Spain's Ministry of Science has partially shut down its IT systems following claims of a cyberattack. The Ministry cited a "technical incident" without confirming the attack.

A recent Android malware campaign has been identified, exploiting the Hugging Face platform to distribute thousands of malicious APK variants. The malware, disguised as a security tool named TrustBastion.

Two critical vulnerabilities, collectively known as "LookOut," have been identified in Google Looker, a business intelligence platform used by over 60,000 organizations globally.

A critical security breach has been identified in the update infrastructure of Notepad++, a widely used text editor for Windows. The breach, attributed to suspected Chinese state hackers.

A recent cloud breach highlights the dangers of exposed AWS credentials and AI-assisted attacks. An attacker gained full admin access to a company's cloud environment in just eight minutes.

CISA issued a warning regarding a five-year-old GitLab vulnerability that is actively being exploited. CISA has urged all organizations, including those in the private sector, to prioritize securing their devices against these ongoing attacks.