Daily Cybersecurity Roundup, February 23, 2026

Escalating cyber operations continue to demonstrate both technical sophistication and expanding targeting scope. Researchers recently identified widespread campaigns involving the Winos 4.0 malware, which are aimed at organizations in Taiwan. At the same time, the Predator spyware has advanced its stealth mechanisms by integrating with Apple’s iOS SpringBoard process to enable covert monitoring of compromised iPhones. An FBI report highlights a rise in ATM jackpotting incidents, where attackers deploy specialized malware to override cash machine controls and force unauthorized cash withdrawals. Keep reading further.

01

Researchers uncovered massive Winos 4.0 malware campaigns targeting organizations in Taiwan, delivering advanced remote access trojan capabilities for espionage and persistent control.

02

The Predator spyware has evolved to hook into Apple’s iOS SpringBoard process to conceal microphone and camera activity indicators, enabling covert surveillance of targeted iPhone users.

03

Threat actors have distributed Pulsar RAT through a malicious NPM supply chain attack, embedding payloads inside seemingly benign PNG image files to evade detection.

04

A new cyberattack campaign, ClickFix, uses fake CAPTCHA prompts to trick users into executing malicious PowerShell commands. The malware targets over 25 browsers, cryptocurrency wallets, and gaming accounts, stealing sensitive data.

05

Hackers are abusing ScreenConnect remote management software by sending fake Social Security-themed phishing emails that trick victims into granting remote access to their PCs.

06

Hundreds of FortiGate firewalls hosted on AWS have been compromised in AI-assisted automated attacks, enabling threat actors to gain persistent administrative access.

07

According to an FBI report, ATM jackpotting attacks are increasing, with criminals deploying specialized malware to manipulate cash machines into dispensing large amounts of money illicitly.

08

A recently disclosed vulnerability (CVE-2025-49113) in Roundcube Webmail is being exploited in the wild, allowing attackers to execute malicious code and compromise email accounts via crafted email content.

09

A critical vulnerability (CVE-2025-12543) in HPE Telco Service Activator could allow unauthenticated attackers to execute arbitrary commands, posing serious risks to telecom infrastructure environments.

10

A Windows-specific flaw (CVE-2026-20140) in Splunk Enterprise enables DLL hijacking attacks that could allow local privilege escalation and arbitrary code execution on affected systems.
