Open Source Alerts

Python-based RAT Abuses Discord API to Execute Data Theft Attacks

The Python-based Discord Remote Access Trojan (RAT) leverages Discord’s API as a C2 server to execute arbitrary system commands, steal sensitive information, capture screenshots, and manipulate both local machines and Discord servers.

Russian Intelligence-backed Campaigns Impersonate the CIA to Target Ukraine Sympathizers, Russian Citizens, and Informants

Silent Push Threat Analysts discovered a phishing campaign using website lures to gather information against Russian individuals sympathetic to defending Ukraine and willing to share sensitive information.

Python-based Triton RAT Found Targeting Roblox Credentials

Cado Security Labs identified a Python Remote Access Tool (RAT) named Triton RAT. The open source RAT is available on GitHub and allows users to remotely access and control a system using Telegram.

Canon Fixes Critical Printer Driver Flaw

The vulnerability, identified as CVE-2025-1268, is described as an out-of-bounds vulnerability that “may prevent printing and/or potentially be able to execute arbitrary code when the print is processed by a malicious application”.

Lucid: The Rising Threat of Phishing-as-a-Service

The end-to-end encryption in RCS and iMessage creates a blind spot, making network-level filtering ineffective. Threat actors also leverage visual trust indicators, such as blue bubbles in iMessage, to create a perception of legitimacy.

Dell Unity Hit by 9.8 CVSS Root-Level Command Injection Flaw

Dell released an update for Unity OS version 5.4 and earlier, addressing a set of critical vulnerabilities that exposed the enterprise storage systems under Unity, UnityVSA, and Unity XT lines.

New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials

As with other banking trojans of its kind, the malware is designed to facilitate device takeover (DTO) and ultimately conduct fraudulent transactions. An analysis of the source code and the debug messages revealed that the author is Turkish-speaking.

Mitel Addresses High Severity XSS Vulnerability in MiContact Center Business

Mitel has issued a security advisory regarding a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2025-23092 (CVSS 7.1), in the Legacy Chat component of its MiContact Center Business software.

Critical Flaw Discovered in WordPress Plugin with 90,000+ Active Installs

The vulnerability, tracked as CVE-2025-2294, is a Local File Inclusion (LFI) flaw present in the Kubio AI Page Builder plugin. This flaw affects all versions of the plugin up to and including 2.5.1.

CISA Warns of RESURGE Malware Exploiting Ivanti Vulnerability

This new malware exhibits capabilities similar to the SPAWNCHIMERA variant, notably its ability to survive system reboots. However, RESURGE distinguishes itself through unique commands that enable it to alter its behavior.
