The U.S. announced sanctions against a company and individual tied to major espionage attacks on the Treasury Department and U.S. telecom entities.
The Star Blizzard threat group expanded its typical spear-phishing attack vector to target WhatsApp accounts.
The most serious flaw can lead to remote code execution
The three Windows Hyper-V vulnerabilities (CVE-2025-21333, CVE-2025-21334 and CVE-2025-21335) are being exploited.
The operation was made possible by the efforts of French authorities, who gained access to the C2 server
Fortinet released patches for an authentication bypass bug that is being exploited in the wild.
The operation was used to generate AI images from DALL-E using stolen API keys
Threat actors are trying to trick security researchers with fake PoC exploit code for a recently disclosed, high-severity Windows LDAP flaw.
The group is highly capable and has shown the ability to compromise many different targets
Threat actors are exploiting a vulnerability in Ivanti Connect Secure appliances.
