gbhackers

Xerox FreeFlow Flaws Enable SSRF and Remote Code Execution

Xerox has released critical patches for FreeFlow Core version 8.0.4 to address two high-severity vulnerabilities—CVE-2025-8355 and CVE-2025-8356—that enable Server-Side Request Forgery (SSRF) and Remote Code Execution (RCE).

UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware

UAC-0099, a threat actor group, is actively targeting Ukrainian defense and government entities using a sophisticated malware delivery chain. The campaign leverages phishing emails with double-archived HTA files to deploy the MATCHBOIL loader.

Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware

Hackers are using weaponized .HTA files to deploy the Epsilon Red ransomware, leveraging ActiveX and Windows Command Shell for stealthy payload delivery. The malware employs social engineering tactics.

New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies

Gunra ransomware, active since April 2025, targets Windows systems and uses advanced tactics, including rapid file encryption and shadow copy deletion, to maximize impact. The ransomware shows similarities to Conti ransomware.

New VoIP Botnet Targets Routers Using Default Passwords

A newly discovered botnet campaign is exploiting VoIP-enabled routers by leveraging default password attacks over Telnet. Initially detected in a small New Mexico community, the operation has since expanded globally, compromising over 500 devices.

Tridium Niagara Framework Flaws Expose Sensitive Network Data

Researchers uncovered 13 critical vulnerabilities in the Niagara Framework, developed by Tridium. These flaws, consolidated into 10 CVEs, affect building management, industrial automation, and smart infrastructure systems globally.

Surge in Phishing Attacks Exploiting Spoofed SharePoint Domains and Sneaky 2FA Tactics

A recent wave of phishing campaigns has been observed exploiting spoofed Microsoft SharePoint domains and abusing legitimate hosting platforms to harvest user credentials. These campaigns employ structured domain naming conventions.

Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data

Ransomware groups are increasingly weaponizing Remote Monitoring and Management (RMM) tools—originally intended for legitimate IT operations—to conduct sophisticated cyber intrusions.

New Surge of Crypto-Jacking Hits Over 3,500 Websites

A new wave of crypto-jacking has infected over 3,500 websites using stealthy JavaScript miners. This campaign marks a resurgence of browser-based mining reminiscent of Coinhive but with advanced evasion techniques.

Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks

Security researchers have uncovered a critical set of Bluetooth vulnerabilities, dubbed PerfektBlue, in OpenSynergy’s BlueSDK framework. These flaws affect millions of devices, including in-vehicle infotainment systems.
