Latest Cybersecurity News and Articles

Albabat Ransomware Evolves to Target Linux and macOS

Trend Micro researchers said the Albabat ransomware version 2.0 not only targets Microsoft Windows but also gathers system and hardware information on Linux and macOS systems.

Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote Takeover

The vulnerability, tracked as CVE-2025-2538, carries a CVSS score of 9.8, marking it as a critical severity issue. It specifically affects certain deployments of Portal for ArcGIS, a core component in the ArcGIS Enterprise ecosystem.

Chinese APT Aquatic Panda Conducted Global Espionage Campaign Affecting Seven Targets Using Five Malware Families

The targeted entities include governments, Catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States.

Steam Pulls Game Demo Infecting Windows With Info-Stealing Malware

Valve has removed the game title 'Sniper: Phantom's Resolution' from its Steam store after multiple users reported that the demo installer infected their systems with information-stealing malware.

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

Researchers at Elastic Security Labs observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS) called HeartCrypt.

Dragon RaaS: Pro-Russian Hacktivist Group Walks the Razor’s Edge Between Cybercrime and Propaganda

Known as Dragon RaaS, or simply Dragon Team, this emerging group blends political hacktivism with opportunistic cybercrime — all while operating under the shadowy umbrella of “The Five Families” cybercrime syndicate.

Fake Semrush Ads Used to Steal SEO Professionals’ Google Accounts

In this latest case of "cascading fraud," the cybercriminals abuse the Semrush brand, a popular software-as-a-service (SaaS) platform used for SEO, online advertising, content marketing, and competitive research.

WordPress security plugin WP Ghost vulnerable to remote code execution bug

The flaw, tracked as CVE-2025-26909, impacts all versions of WP Ghost up to 5.4.01 and stems from insufficient input validation in the 'showFile()' function. Exploitation could allow attackers to include arbitrary files via manipulated URL paths.

VSCode Extensions Found Downloading Early-Stage Ransomware

The two malicious extensions, named "ahban.shiba" and "ahban.cychelloworld," were downloaded seven and eight times, respectively, before they were eventually removed from the store.

Chinese Threat Actor UAT-5918 Targets Critical Infrastructure Entities in Taiwan

Typical tooling used by UAT-5918 includes networking tools such as FRPC, FScan, In-Swor, Earthworm, and Neo-reGeorg. Credential harvesting is accomplished by dumping registry hives, NTDS, and using tools such as Mimikatz and browser data stealers.
