The TAOTH campaign is a targeted cyber-espionage operation exploiting end-of-support software and spear-phishing to deploy multiple malware families - TOSHIS, DESFY, GTELAM, and C6DOOR.

Two critical vulnerabilities—CVE-2025-53770 and CVE-2025-53771—affecting on-premise Microsoft SharePoint Servers are being actively exploited in the wild. These flaws enable unauthenticated RCE through advanced deserialization and ViewState abuse.

A sophisticated social engineering campaign is exploiting TikTok to distribute the Vidar and StealC information-stealing malware. The campaign uses pirated software themes such as Windows OS, Microsoft Office, CapCut, and Spotify to lure users.

A Chinese threat actor group known as Earth Lamia has been actively exploiting known vulnerabilities in public-facing web applications to compromise organizations across sectors such as finance, government, IT, logistics, retail, and education.

A recent wave of phishing campaigns is exploiting fake CAPTCHA pages to trick users into executing malicious commands via the Windows Run dialog. These attacks deliver multistage payloads using obfuscated JavaScript embedded in MP3 or PDF files.