A newly discovered malware family named LameHug is leveraging artificial intelligence to dynamically generate Windows data-theft commands in real-time. LameHug is the first malware to integrate LLM for operational command generation.

Matanbuchus is a malware-as-a-service (MaaS) operation first advertised on the dark web in early 2021 for $2,500. It is designed to execute malicious payloads directly in memory, enabling it to evade traditional detection mechanisms.

VMware has patched four zero-day vulnerabilities in ESXi, Workstation, Fusion, and Tools. Three of these flaws (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238) are critical, allowing guest-to-host code execution.

Between April and June 2024, Lumma's marketplace listed over 21,000 stolen data logs. In May 2025, a coordinated law enforcement operation led by Microsoft, DOJ, Europol, and J3C disrupted Lumma’s infrastructure.

A significant security breach at the BigONE cryptocurrency exchange has resulted in the theft of approximately $27 million in digital assets. The attack was identified as a supply-chain compromise targeting the platform’s hot wallet infrastructure.

Cisco has disclosed and patched a critical vulnerability, CVE-2025-20337 (CVSS 10), in its ISE and ISE-PIC. This flaw allows unauthenticated remote attackers to execute arbitrary code with root privileges.

A sophisticated Malware-as-a-Service (MaaS) operation has been identified leveraging the Emmenhtal loader and Amadey malware to distribute a variety of payloads. The campaign targets Ukrainian entities and utilizes public GitHub repositories.

A newly discovered backdoor malware dubbed GhostContainer is targeting Microsoft Exchange servers in high-value organizations across Asia. The malware is a .NET-based PE32 executable that leverages open-source tools and exploits CVE-2020-0688.

A major data breach at Episource has compromised the personal and health information of over 5.4 million individuals across the United States. The breach exposed sensitive data including names, contact details, SSNs, insurance information, and PHI.

Karen Serobovich Vardanyan, a 33-year-old Armenian national, has been extradited to the United States and charged for his alleged involvement in Ryuk ransomware attacks that occurred between March 2019 and September 2020.