
Daily Cybersecurity Roundup, February 25, 2025

Cybercriminals are turning a trusted tool into a Trojan horse. A vulnerable Windows driver linked to Adlice's product suite is being exploited to deploy Gh0st RAT, with over 2,500 variants in circulation. A silent army of 130,000 compromised devices is hammering Microsoft 365 accounts with password-spray attacks. CISA is warning against a bug in Oracle’s Agile Product Lifecycle Management software, which attackers could use to execute arbitrary code. Read on for more. 

01

A large-scale malware campaign has been exploiting a vulnerable Windows driver associated with Adlice's product suite to evade detection and deliver the Gh0st RAT, with over 2,500 distinct variants of the vulnerable driver identified.

02

A botnet of over 130,000 compromised devices is conducting password-spray attacks against Microsoft 365 accounts globally, using Basic Authentication to bypass MFA and gain unauthorized access.

03

A new malware campaign is targeting Mac users with Poseidon Stealer, using a fake website that mimics the legitimate DeepSeek platform to trick users into downloading malicious payloads.

04

SentinelLABS has observed a campaign targeting opposition activists in Belarus and Ukrainian military and government organizations. The campaign uses weaponized Excel documents, with new adaptations of PicassoLoader.

05

CISA has added a vulnerability (CVE-2024-20953) in Oracle's Agile Product Lifecycle Management software to its KEV catalog. The bug could allow a low-privileged attacker to execute arbitrary code.

06

Threat actors are now bypassing Microsoft Outlook’s spam filters, allowing them to deliver malicious ISO files directly to users' inboxes by leveraging hyperlink obfuscation to disguise malicious links as benign URLs.

07

Unit 42 discovered a new Linux malware named Auto-color, which employs various evasion techniques such as using benign-looking file names, hiding remote C2 connections, and more.

08

The latest version of Parallels Desktop virtualization software for macOS contains an unpatched zero-day vulnerability, allowing root access, with a proof-of-concept exploit available.

09

Ransomware attacks against industrial organizations increased by 87% in 2025, with a 60% jump in ransomware groups targeting OT and ICS, according to Dragos' Year in Review report.

10

In Q4 2024, over one billion fraudulent calls were reported globally, with a quarter of Brits and 31% of Americans falling victim to deepfake calls, according to a new report.
