Albabat Ransomware Evolves to Target Linux and macOS

Trend Micro researchers said the Albabat ransomware version 2.0 not only targets Microsoft Windows but also gathers system and hardware information on Linux and macOS systems.

Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote Takeover

The vulnerability, tracked as CVE-2025-2538, carries a CVSS score of 9.8, marking it as a critical severity issue. It specifically affects certain deployments of Portal for ArcGIS, a core component in the ArcGIS Enterprise ecosystem.

Steam Pulls Game Demo Infecting Windows With Info-Stealing Malware

Valve has removed the game title 'Sniper: Phantom's Resolution' from its Steam store after multiple users reported that the demo installer infected their systems with information-stealing malware.

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

Researchers at Elastic Security Labs observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS) called HeartCrypt.

WordPress security plugin WP Ghost vulnerable to remote code execution bug

The flaw, tracked as CVE-2025-26909, impacts all versions of WP Ghost up to 5.4.01 and stems from insufficient input validation in the 'showFile()' function. Exploitation could allow attackers to include arbitrary files via manipulated URL paths.

VSCode Extensions Found Downloading Early-Stage Ransomware

The two malicious extensions, named "ahban.shiba" and "ahban.cychelloworld," were downloaded seven and eight times, respectively, before they were eventually removed from the store.

Critical Cisco Smart Licensing Utility Flaws Now Exploited in Attacks

SANS Technology Institute's Dean of Research Johannes Ullrich reported that threat actors are now chaining the two security flaws in exploitation attempts targeting Cisco Smart Licensing Utility instances exposed on the Internet.

Rust Beacon Deploys Cobalt Strike in South Korean Cyber Intrusion Campaign

Researchers reported a cyber intrusion campaign targeting South Korean entities, where attackers deployed a Rust-compiled loader to deliver a modified Cobalt Strike Cat (version 4.5) via a briefly exposed web server.

Synology Replication Service Vulnerability Scores Maximum CVSS Rating

The vulnerability, identified as CVE-2024-10442, is an off-by-one error in the transmission component of the Synology Replication Service. It affects Synology Unified Controller (DSMUC) and Replication Service for various versions of Synology DSM.

Critical WordPress Plugin Vulnerability Exposes Over 40,000 Websites to Code Execution Attacks

This security flaw allows unauthenticated attackers to include and execute arbitrary PHP files on the server. The risk associated with this vulnerability is particularly severe, as it could lead to full server compromise.
