Malicious Infrastructure Finds Stability with aurologic GmbH

aurologic GmbH, a German hosting provider, has emerged as a central enabler of malicious infrastructure by providing upstream connectivity to numerous high-risk and sanctioned networks.

Italian communications executive reveals he was targeted with Paragon spyware

Francesco Nicodemo, a prominent Italian communications executive and political adviser, has been identified as the fifth Italian victim of Paragon’s Graphite spyware. He is among 90 individuals notified by WhatsApp of the targeting.

Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware

Russia-aligned Sandworm deployed two data-wiping malware strains—ZEROLOT and Sting. The malware campaigns have targeted critical sectors including governmental entities, energy infrastructure, logistics providers, and notably, the grain sector.

New NGate Malware Lets Hackers Drain ATMs Remotely

NGate is a newly identified Android malware that enables attackers to perform unauthorized ATM withdrawals by relaying NFC payment data from victims’ smartphones. It leverages Host Card Emulation (HCE) and advanced social engineering.

AI-Slop ransomware test sneaks on to VS Code marketplace

A malicious Visual Studio Code extension named susvsex, published by suspublisher18, was discovered on the official VS Code marketplace. The extension exhibited ransomware-like behavior.

Google Issues Emergency Chrome Update to Fix Critical RCE Flaw

Google has issued an emergency security update for Chrome across all major platforms, addressing five critical and medium-severity vulnerabilities. The update includes versions 142.0.7444.134 and 142.0.7444.135 for Windows, Mac, and Linux.

Multiple Vulnerabilities Identified in Cisco ISE, UCCX, and CUIC Products

Multiple vulnerabilities have been identified in Cisco products, including Cisco Identity Services Engine (ISE), Cisco Unified Contact Center Express (UCCX), and Cisco Unified Intelligence Center (CUIC).

Gootloader malware is back with new tricks after 7-month break

Gootloader, a JavaScript-based malware loader, has resumed operations after a 7-month hiatus. The malware is being distributed through SEO poisoning campaigns that promote fake websites offering free legal document templates.

Threat Signal Report

A critical bug has been discovered in WatchGuard Fireware OS, specifically affecting the IKEv2 VPN implementation. This Out-of-Bounds Write flaw allows remote, unauthenticated attackers to execute arbitrary code on affected Firebox appliances.

Radiometrics VizAir

Multiple critical vulnerabilities have been identified in Radiometrics VizAir, a weather monitoring system used in aviation. All vulnerabilities have a CVSS v3.1 and v4 base score of 10.0, indicating maximum severity.
