A major law enforcement operation has reportedly compromised the infrastructure of the Rhadamanthys stealer, a prominent malware-as-a-service platform. The takedown has disrupted access to its command-and-control (C2) servers and control panels.

A sophisticated phishing campaign is actively targeting email users by impersonating internal security alert systems. These emails appear to originate from the recipient’s own corporate domain.

A large-scale phishing campaign is actively targeting users of Meta Business Suite by exploiting Facebook’s legitimate business invitation infrastructure. Over 40,000 phishing emails have been distributed to more than 5,000 SMBs.

A high-severity vulnerability has been identified in the Zoom Workplace VDI Client for Windows. This flaw allows authenticated local attackers to escalate privileges due to improper verification of cryptographic signatures in the installer.

A newly discovered Android spyware campaign, dubbed LANDFALL, has exploited a critical zero-day vulnerability (CVE-2025-21042) in Samsung’s image processing library to deliver surveillance malware via malformed DNG image files sent through WhatsApp.

Microsoft is introducing a new feature in Teams that allows users to initiate chats with any email address, even if the recipient is not a Teams user. It significantly increases the risk of phishing, impersonation, and malware attacks.

A coordinated cyber-espionage campaign attributed to Chinese state-linked threat actors has targeted a prominent U.S. non-profit involved in foreign policy advocacy. The operation demonstrates advanced persistence techniques.

Russia-aligned Sandworm deployed two data-wiping malware strains—ZEROLOT and Sting. The malware campaigns have targeted critical sectors including governmental entities, energy infrastructure, logistics providers, and notably, the grain sector.

A sophisticated cyberattack campaign has been attributed to the threat actor group Cavalry Werewolf, targeting government agencies with the intent to steal sensitive data and establish persistent access within critical infrastructure networks.

Google has issued an emergency security update for Chrome across all major platforms, addressing five critical and medium-severity vulnerabilities. The update includes versions 142.0.7444.134 and 142.0.7444.135 for Windows, Mac, and Linux.