Open Source Alerts

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

Threat actors are exploiting ConnectWise ScreenConnect to deploy AsyncRAT using fileless techniques, leveraging VBScript and PowerShell loaders and maintaining persistence through a fake Skype updater.

France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks

Three French regional healthcare agencies—Hauts-de-France, Normandy, and Pays de la Loire—have been targeted in a coordinated cyber-attack campaign that compromised the personal data of patients across public hospitals.

When typing becomes tracking: Study reveals widespread silent keystroke interception

Researchers from multiple institutions analyzed 15,000 websites and found that 91% used JavaScript event listeners to monitor user interactions. Approximately 40% of websites captured keystrokes before users pressed submit.

Vienna, VA discloses data breach that leaked SSNs, financial info

The town of Vienna, Virginia, experienced a ransomware attack in August 2025, compromising the personal data of 811 individuals. The exposed data includes names, Social Security numbers, financial account details, and passport numbers.

GitLab security advisory (AV25-584)

GitLab issued a security advisory (AV25-584) addressing multiple vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE). The affected versions include all releases before 18.3.2, 18.2.6, and 18.1.6.

Adobe security advisory (AV25-583)

Adobe released Security Advisory AV25-583 on September 9, 2025, addressing multiple vulnerabilities across a wide range of its products, including Acrobat, After Effects, Premiere Pro, ColdFusion, and Adobe Commerce.

September 11, 2025

Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware

A China-based advanced persistent threat (APT) group is actively targeting military organizations in the Asia-Pacific region, particularly the Philippines, using a newly discovered fileless malware framework named EggStreme.

Cursor AI editor lets repos “autorun” malicious code on devices

This vulnerability enables threat actors to execute arbitrary code, steal credentials and API tokens, modify files, or establish command-and-control channels without any user interaction.

ChillyHell modular macOS malware OKed by Apple in 2021

ChillyHell is a modular macOS backdoor that remained undetected for four years after being notarized by Apple in 2021. Despite its malicious nature, the sample had passed Apple’s security checks and had been publicly hosted on Dropbox since 2021.

DDoS defender targeted in 1.5 Bpps denial-of-service attack

A European DDoS mitigation provider was recently targeted in a record-breaking distributed denial-of-service (DDoS) attack that peaked at an unprecedented 1.5 billion packets per second (Bpps).
