Latest Cybersecurity News and Articles

Researchers Found New Android Malware Linked to DoNot Team APT Group

The DoNot APT group has been observed misusing the OneSignal platform, which typically provides tools for sending push notifications, in-app messages, emails, and SMS. The group is leveraging OneSignal to deliver phishing links through notifications.

OWASP Unveils Top 10 Smart Contract Vulnerabilities for 2025

This comprehensive awareness document identifies the most critical vulnerabilities in smart contracts, offering developers and security professionals a roadmap to mitigate risks in decentralized ecosystems.

Ukrainian Authorities Warn of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits

The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERT-UA said, cautioning organizations to be on the lookout for such social engineering attempts that seek to exploit user trust.

CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now

Trend Micro Zero Day Initiative recently uncovered a vulnerability in 7-Zip. This flaw, tracked as CVE-2025-0411 and assigned a CVSS score of 7.0 (High), could allow attackers to bypass the Mark of the Web (MotW) security feature in Windows.

Gootloader inside out

The operators of Gootloader continually refine their obfuscation techniques. Sophos X-Ops identified heavily obfuscated scripts, with key capabilities like string decryption and counter loops spread across multiple functions.

PoC Exploit for TP-Link Router Vulnerability Reveals Remote Code Execution Risks

This flaw is a buffer overflow vulnerability in the device’s handling of IPv6 DNS server configuration parameters. It could potentially allow attackers to execute arbitrary code or cause a denial of service.

MintsLoader Malspam Campaign Leads to StealC and BOINC Delivery

The eSentire Threat Response Unit (TRU) uncovered a new malware campaign leveraging a tool called MintsLoader to deliver second-stage payloads, including the StealC malware and the Berkeley Open Infrastructure for Network Computing (BOINC) client.

Critical Sentry Vulnerability Allowed Account Takeovers

By utilizing a malicious SAML Identity Provider and targeting an organization residing on the same Sentry instance, an attacker could have taken over any user account within that organization, provided they knew the victim’s email address.
January 21, 2025

An In-Depth Analysis of IntelBroker

IntelBroker entered the scene in late 2022, first appearing on BreachForums and rapidly building a reputation, initially as a ransomware operator and then as an actor responsible for many high-profile data breaches.

IBM Sterling Secure Proxy Faces Multiple Critical Vulnerabilities

IBM has disclosed multiple critical vulnerabilities affecting its Sterling Secure Proxy (SSP), which could allow attackers to inject commands, access sensitive information, or cause denial of service.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing, end-to-end automation and 360-degree threat response.