Sapphire Werewolf has introduced a potent new weapon into its cyber arsenal, unveiling the latest iteration of the Amethyst stealer in a calculated phishing attack against an energy firm.

Hellcat ransomware, active since mid-2024, has rapidly evolved into a significant threat targeting critical sectors. The group employs a combination of psychological manipulation, zero-day vulnerabilities, and RaaS to maximize impact.

Microsoft has disclosed an active exploitation of a zero-day vulnerability in the Windows CLFS driver, tracked as CVE-2025-29824. The flaw, classified as an Elevation of Privilege vulnerability, has been assigned a CVSS score of 7.8.

A recent security disclosure has revealed a remote code execution (RCE) vulnerability, CVE-2025-27607, in the Python JSON Logger package, affecting versions between 3.2.0 and 3.2.1.This vulnerability arises from a missing dependency.

Notably, the flaw requires authentication, limiting immediate widespread exploitation. However, compromised accounts or phishing attacks could bypass this barrier. The pgAdmin team resolved the issue in version 9.2.

According to an official notice, the breach occurred between January 28, 2025, and February 9, 2025, during which an unauthorized actor gained access to sensitive information stored on the organization’s systems.

OpenVPN has patched a security vulnerability (CVE-2025-2704) that could potentially allow attackers to crash servers and execute remote code under certain conditions, with the flaw affecting specific server configurations.

A sophisticated phishing campaign orchestrated by a Russian-speaking threat actor has been uncovered, revealing the abuse of Cloudflare services and Telegram for malicious purposes.

AhnLab SEcurity intelligence Center (ASEC) recently identified a phishing malware being distributed using the Scalable Vector Graphics (SVG) file format. The malware contains obfuscated redirect URLs, which lead victims to phishing pages.

Cybersecurity experts have uncovered a new malware campaign targeting Microsoft Teams users to infiltrate corporate systems. Attackers bypassed traditional defenses, delivering malware capable of stealing credentials.