2025-02-24 • SecurityScorecard • SecurityScorecard STRIKE Team
2025-02-26 • POLITICO • Antoaneta Roussi
2025-02-27 • Fortinet • Pei Han Liao • win.valley_rat, win.winos
2025-02-27 • WAR ON THE ROCKS • Nathaniel Davis, Nina Kollars
2025-02-25 • Sentinel LABS • Tom Hegel
2025-02-26 • Medium extensiontotal • Amit Assaraf
2025-02-27 • Microsoft • Steven Masada
CERT Polska has received a report about 5 vulnerabilities (from CVE-2025-22270 to CVE-2025-22274) found in CyberArk Endpoint Privilege Manager software.
Law enforcement agencies from 19 countries have arrested 25 suspects linked to a criminal ring that was distributing child sexual abuse material (CSAM) generated using artificial intelligence (AI). [...]
Authorities said they arrested a 39-year-old in Bangkok who was the hacker responsible for dozens of high-profile extortion cases.
2025-02-27 • Cyber Geeks • CyberMasterV
Hot on the heels of the disclosure of CVE-2025-1001, a novel Medixant RadiAnt DICOM Viewer vulnerability, another security issue emerges in the cyber threat landscape. A newly identified flaw,...
Karen Evans has been appointed as the new Executive Assistant Director (EAD) for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA). In this new role, Evans brings an...
U.S. lawmakers from the Senate and House of Representatives have reintroduced the Farm and Food Cybersecurity legislation that...
KELA researchers reported that the Black Basta leak revealed critical patterns used by ransomware operators to infiltrate corporate...
In February 2025, Sophos completed the Secureworks deal and SolarWinds went private
Incorrect Privilege Assignment vulnerability (CVE-2025-1413) has been found in DaVinci Resolve application.
Louis Donald Mendonsa, 62, was sentenced following a guilty plea for distributing child sexual abuse materials (CSAM) via…
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. [...]
Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat...
2025-02-20 • Cisco Talos • Cisco Talos
Unit 42 reports on phishing activity linked to the threat group JavaGhost. These attacks target organizations’ AWS environments.
2025-02-24 • Intel 471 • Intel 471 • apk.tgtoxic
Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report
2025-02-24 • cocomelonc • cocomelonc • osx.oceanlotus, win.duqu, win.stegoloader
2025-02-21 • SonicWall • SonicWall • win.remcos
2025-02-27 • Securite360.net • Muffin • elf.redtail
2025-02-27 • Medium b.magnezi • 0xMrMagnezi • win.nanocore
Microsoft has confirmed that the Skype video call and messaging service will be shut down in May, 14 years after replacing the Windows Live Messenger. [...]
Big shifts in the infostealer scene, novel attack vector against iOS and Android, and a massive surge in investment scams on social media