A massive network, active for over 14 years, is being used for illegal online gambling and malware distribution, doubling as a command and control (C2) and anonymity infrastructure.

A new wave of cyberattacks is exploiting legitimate Remote Monitoring and Management (RMM) tools such as LogMeIn Resolve and PDQ Connect. Attackers trick users into installing these tools under false pretenses.

US radio broadcasters are being targeted in a surge of infrastructure hijackings where intruders exploit unsecured Barix audio devices to air unauthorized Emergency Alert System (EAS) tones and offensive content over public airwaves.

Emerging malicious LLMs such as WormGPT 4 and KawaiiGPT are being sold and distributed through underground platforms like Telegram and Darknet forums. These AI-based tools are capable of generating highly functional malware scripts.

The OWASP Top 10 for 2025 introduces core changes emphasizing systemic risks in modern application ecosystems. Key additions include “Supply Chain Failures” at rank #3 and “Mishandling of Exceptional Conditions” at rank #10.

An ATM fraud operation led by the threat group UNC2891 involved ATM malware, money mule recruitment, rootkit-based PIN bypass, and coordinated cash withdrawal efforts targeting two major Indonesian banks between 2022 and 2024.

Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called Operation WrtHug that exploits several vulnerabilities.

The vulnerability, tracked as CVE-2025-9501, in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.

The Sneaky2FA phishing-as-a-service (PhaaS) kit has added browser-in-the-browser (BitB) capabilities that are used in attacks to steal Microsoft credentials and active sessions.

British lawmakers have been warned of a growing espionage campaign spearheaded by China’s Ministry of State Security (MSS), which leverages LinkedIn as a vector to target members of Parliament and policy influencers.