Qilin ransomware: stats on attacks, ransoms & data breaches

Qilin ransomware emerged as the most active ransomware group in 2025, with 701 claimed attacks and 116 TB of data stolen. Operating under a ransomware-as-a-service (RaaS) model, Qilin has seen a surge in activity following the shutdown of RansomHub.

Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions

Security researchers have uncovered a critical vulnerability in OpenAI's Atlas and Perplexity's Comet browsers that allows attackers to spoof the built-in AI sidebar. This spoofing attack can deceive users into executing malicious actions.

Atlassian security advisory (AV25-695)

These vulnerabilities may expose organizations to potential security risks, including unauthorized access, data leakage, or service disruption, depending on the nature of the flaws in the affected products.

Google and Check Point nuke massive YouTube malware network

A sophisticated malware campaign known as the "YouTube Ghost Network" has been dismantled by Google and Check Point after distributing over 3,000 malicious videos on YouTube.

Known Exploited Vulnerabilities Catalog

A critical bug, CVE-2025-61932, has been identified in Motex LANSCOPE Endpoint Manager. Because the product improperly verifies the source of a communication channel, remote attackers can execute arbitrary code by sending specially crafted packets.

Drupal security advisory (AV25-694)

Drupal issued security advisories addressing two moderately critical vulnerabilities in the CivicTheme Design System. These issues affect versions prior to 1.12.0 and include an information disclosure vulnerability and an XSS vulnerability.

Cache poisoning vulnerabilities found in 2 DNS resolving apps

Two high-severity DNS cache poisoning vulnerabilities have been discovered in BIND (CVE-2025-40778 and CVE-2025-40780), along with a related issue in Unbound (CVE-2025-11411). These affect DNS resolvers located inside thousands of organizations.

Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys

A malicious NuGet package named Nethereum.All has been discovered impersonating the legitimate Nethereum library using a homoglyph attack to steal cryptocurrency wallet credentials.

Oxford Nanopore Technologies MinKNOW

Multiple vulnerabilities have been identified in Oxford Nanopore Technologies' MinKNOW software, a DNA and RNA sequencing platform. These flaws could allow attackers to gain unauthorized access, exfiltrate data, and disrupt sequencing operations.

Full Disclosure: [SYSS-2025-015]: Verbatim Keypad Secure (security update v1.0.0.6)

A critical vulnerability (SYSS-2025-015) has been identified in Verbatim Keypad Secure USB 3.2 Gen 1 drives (Part Numbers #49427 and #49428), and it remains present even after the latest firmware update, v1.0.0.6, is applied.
