Latest Cybersecurity News and Articles

Why a decade-old EnCase driver still works as an EDR killer

Attackers are exploiting a decade-old EnCase driver to disable 59 endpoint security products. The driver's certificate, issued on December 15, 2006, allows it to load on modern Windows systems due to Microsoft's backward compatibility policies.

Romanian oil pipeline operator Conpet discloses cyberattack

The Qilin ransomware gang, known for targeting high-profile organizations, has claimed responsibility for the cyberattack on Conpet, alleging the theft of nearly 1TB of data, including sensitive documents and financial information.

Critical Vulnerabilities in Ilevia EVE X1 Server Allow Remote Exploitation

The Ilevia EVE X1 Server has been found to contain multiple critical vulnerabilities that could allow attackers to execute arbitrary commands, disclose sensitive information, and escalate privileges.

Technical Analysis of Marco Stealer

Marco Stealer is a sophisticated information stealer targeting browser data, cryptocurrency wallets, and sensitive files. It employs advanced anti-analysis techniques and uses AES-256 encryption for secure C2 communication.

Italian university La Sapienza goes offline after cyberattack

La Sapienza University, Europe's largest by number of on-campus students, has been hit by a ransomware attack attributed to the pro-Russian group Femwar02. The attack has led to significant disruptions, with IT systems offline and data encrypted.

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

The AISURU/Kimwolf botnet has launched a record-setting DDoS attack, peaking at 31.4 Tbps. This attack is part of a significant increase in DDoS activity in 2025, with Cloudflare mitigating over 47.1 million attacks throughout the year.

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two vulnerabilities, CVE-2025-11953 and CVE-2026-24423, to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are actively exploited and pose significant risks to federal enterprises.

Spain's Ministry of Science shuts down systems after breach claims

Spain's Ministry of Science has partially shut down its IT systems following claims of a cyberattack. The Ministry cited a "technical incident" without confirming the attack.

Hugging Face abused to spread thousands of Android malware variants

A recent Android malware campaign has been identified, exploiting the Hugging Face platform to distribute thousands of malicious APK variants. The malware, disguised as a security tool named TrustBastion.

Notepad++ users take note: It’s time to check if you’re hacked

A critical security breach has been identified in the update infrastructure of Notepad++, a widely used text editor for Windows. The breach, attributed to suspected Chinese state hackers.
