Cyberscoop

Researchers uncover remote code execution flaw in abandoned Rust code library

A high-severity remote code execution vulnerability, CVE-2025-62518 (CVSS 8.1), has been discovered in the async-tar Rust library and its numerous forks, including tokio-tar, uv, testcontainers, wasmCloud, astral-tokio-tar, and krata-tokio-tar.

North Korean operatives spotted using evasive techniques to steal data and cryptocurrency

North Korean threat actors, including Famous Chollima and UNC5342, have been observed deploying advanced malware strains and novel techniques to steal credentials, exfiltrate cryptocurrency, and conduct ransomware attacks.
October 11, 2025

North Korea IT worker scheme swells beyond US companies

Researchers have identified over 130 fake personas linked to more than 6,500 job interviews across approximately 5,000 companies over a four-year period through mid-2025.

Oracle customers being bombarded with emails claiming widespread data theft

A widespread extortion campaign is targeting Oracle customers with emails claiming data theft from Oracle’s E-Business Suite. The emails are allegedly linked to the Clop ransomware group.

Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules

The report focuses on DOGE’s activities at the General Services Administration (GSA), Office of Personnel Management (OPM), and Social Security Administration (SSA), revealing multiple instances of potential cybersecurity violations.
September 23, 2025

Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques

Threat actors are increasingly adopting stealthy and unconventional techniques inspired by the Chinese APT group Salt Typhoon, which previously infiltrated major telecommunications providers.

Attack on SonicWall’s cloud portal exposes customers’ firewall configurations

A cyberattack on MySonicWall.com has resulted in unauthorized access to customer firewall configuration files. Hackers conducted a series of brute-force attacks on individual accounts to access backup firewall preference files stored in the cloud.

Google patches two Android zero-days, 120 defects total in September security update

Google has released its September 2025 Android security update, addressing a record-breaking 120 vulnerabilities. Notably, the update patches two actively exploited zero-day vulnerabilities affecting the Android kernel and runtime components.

Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial

U.S. authorities have charged Ianis Aleksandrovich Antropenko, a Russian national, with multiple felonies related to the deployment of Zeppelin ransomware from 2018 to 2022. The charges include conspiracy to commit computer fraud and abuse.

Researchers flag code that uses AI systems to carry out ransomware attacks

Researchers have identified PromptLock, the first known AI-powered ransomware, written in Golang. This malware leverages prompt injection attacks on large language models (LLMs) to execute ransomware functions.
