Skip to content
cyber updates Page 3

cyber updates

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Dec 10, 2025Ravie LakshmananVulnerability / Endpoint Security Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The… 

Read More »Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

Threat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical security React2Shell flaw in React Server Components (RSC) to deliver a previously undocumented remote access trojan dubbed… 

Read More »North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Dec 09, 2025Ravie LakshmananCybersecurity / Malware Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under… 

Read More »Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Dec 09, 2025Ravie LakshmananRansomware / Endpoint Security The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing,… 

Read More »Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 intrusions linked to the threat actor… 

Read More »STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Dec 09, 2025Ravie LakshmananMalware / Threat Analysis Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code… 

Read More »Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named NetSupport RAT. The attack chain, analyzed by… 

Read More »Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT