
Daily Cybersecurity Roundup, November 04, 2025

Attackers are demonstrating incredible range, hitting novel AI infrastructure, decentralized finance, and personal mobile apps. Researchers revealed a sophisticated backdoor named SesameOp, which cleverly exploits OpenAI's API for its stealthy C2 communications. On the financial front, the Balancer DeFi platform suffered a devastating exploit targeting its stable pools, leading to losses exceeding $100 million. This comes as two Android spyware campaigns in the UAE impersonate privacy-focused apps like Signal and ToTok to steal user data. Read on for more. 

01

Microsoft has revealed a sophisticated backdoor named SesameOp, which exploits OpenAI's API for stealthy C2 communications. The infection chain includes a loader component and a .NET-based backdoor.

02

The Balancer DeFi platform suffered a major exploit targeting its V2 Composable Stable Pools, causing losses exceeding $100 million.

03

Lazarus targeted European defense companies, particularly those involved in UAV technology, as part of its Operation DreamJob campaign. Lazarus used social engineering techniques, such as fake job offers.

04

ESET discovered two Android spyware campaigns, ProSpy and ToSpy, targeting privacy-conscious users in the UAE. ProSpy impersonates Signal and ToTok apps, while ToSpy exclusively mimics ToTok.

05

The Silent Lynx APT group has been actively targeting Central Asian nations, Russia, and China for espionage. This group employs spear-phishing campaigns and malicious implants to infiltrate governmental and critical infrastructure sectors.

06

Hackers are exploiting a critical authentication bypass vulnerability (CVE-2025-5397) in the JobMonster WordPress theme, which allows unauthorized access to admin accounts when social login is enabled.

07

Cybercriminals are targeting trucking and freight companies to steal cargo using elaborate attack chains. Threat actors use RMM tools as a first-stage payload to compromise companies.

08

Google released November 2025 Android security patches addressing two vulnerabilities in the System component, including a critical remote code execution flaw (CVE-2025-48593).

09

Google's AI-powered cybersecurity agent, Big Sleep, has identified five vulnerabilities in Apple's Safari WebKit that could potentially lead to browser crashes or memory corruption.

10

Zscaler announced the acquisition of AI security startup SPLX to boost AI defense, focusing on red-teaming, compliance tracking, and continuous testing for custom AI applications.
