Earth Preta’s malware, a variant of the TONESHELL backdoor, is sideloaded with a legitimate Electronic Arts application and communicates with a command-and-control server for data exfiltration.

In a recent development, analysts at CloudSEK have discovered the much maligned use of black hat Search Engine Poisoning by threat actors, to push Rummy and Investment focused websites to unsuspecting users.

About 47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network, according to Imprivata and the Ponemon Institute.

These flaws—CVE-2024-12425 (Arbitrary File Write) and CVE-2024-12426 (Remote File Read)—require no user interaction beyond opening a malicious document, making them highly exploitable in both desktop and server environments.

The Personal Information Protection Commission (PIPC) of South Korea announced the suspension on February 15, citing deficiencies in the app’s communication features and data processing practices.

This latest attack chain showcases the group’s ability to weaponize legitimate tools, leveraging DLL sideloading techniques and cloud-based infrastructure to stealthily infiltrate networks and exfiltrate sensitive data.

The new in-call anti-scammer protections include preventing Android users from turning on settings to install apps from unknown sources and granting access to the Accessibility Services.

Currently, Juniper SIRT is not aware of any malicious exploitation of the CVE-2025-21589 vulnerability. However, given the severity of the flaw, prompt action is crucial to prevent potential attacks.

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app.

AMD has released security updates addressing multiple vulnerabilities in its EPYC and Ryzen Embedded processors, some of which could allow arbitrary code execution, memory corruption, or privilege escalation.