Skip to content
Threat Note Threat Note

Aggregating Cyber Insights

  • Articles
  • Breaches
  • Learning
  • News
  • Podcast
  • Research
  • Toolkit
  • Vulnerabilities
  • Webinars
  • About Us

Vulnerabilities

  • Home
  • Vulnerabilities
From Cybersecurity Help – Cyber Security Week in Review: December 26, 2025
Posted inVulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: December 26, 2025

In brief: Fortinet warns of a five-year-old FortiOS flaw exploited in the wild, Russian defense-industry orgs targeted in a new campaign, and more.  ​ Read More  ​ 
Posted by Samir K December 26, 2025
From Cybersecurity Help – US seizes fraud domain, charges operator of fake ID marketplaces
Posted inVulnerabilities

From Cybersecurity Help – US seizes fraud domain, charges operator of fake ID marketplaces

The seized domain served as a backend control panel that stored and managed illegally harvested bank login credentials.  ​ Read More  ​ 
Posted by Samir K December 23, 2025
From Cybersecurity Help – Malicious Phantom Shuttle Chrome extensions hijack user traffic
Posted inVulnerabilities

From Cybersecurity Help – Malicious Phantom Shuttle Chrome extensions hijack user traffic

The extensions route all web traffic through attacker-controlled proxy servers using hardcoded credentials hidden with a custom encoding scheme.  ​ Read More  ​ 
Posted by Samir K December 23, 2025
From Cybersecurity Help – Goffee cyberspies target Russian military personnel and defense-industry orgs
Posted inVulnerabilities

From Cybersecurity Help – Goffee cyberspies target Russian military personnel and defense-industry orgs

The group is experimenting with new techniques to evade detection but still shows gaps in technical execution and language accuracy.  ​ Read More  ​ 
Posted by Samir K December 23, 2025
From Cybersecurity Help – Interpol-led op arrests over 500 suspects linked to BEC, ransomware, and extortion
Posted inVulnerabilities

From Cybersecurity Help – Interpol-led op arrests over 500 suspects linked to BEC, ransomware, and extortion

As part of Operation Sentinel, more than 6,000 malicious links were taken down and the six ransomware variants were decrypted.  ​ Read More  ​ 
Posted by Samir K December 23, 2025
From Cybersecurity Help – Romania confirms major ransomware attack on national water administration
Posted inVulnerabilities

From Cybersecurity Help – Romania confirms major ransomware attack on national water administration

The attackers used the built-in Windows BitLocker security feature to lock files on compromised systems.  ​ Read More  ​ 
Posted by Samir K December 22, 2025
From Cybersecurity Help – Nigerian police arrest three in Raccoon0365 Microsoft 365 phishing case
Posted inVulnerabilities

From Cybersecurity Help – Nigerian police arrest three in Raccoon0365 Microsoft 365 phishing case

Raccoon0365 was responsible for at least 5,000 compromised Microsoft 365 accounts across 94 countries.  ​ Read More  ​ 
Posted by Samir K December 22, 2025
From Cybersecurity Help – Phishing attacks abuse Microsoft 365 device code login to bypass MFA
Posted inVulnerabilities

From Cybersecurity Help – Phishing attacks abuse Microsoft 365 device code login to bypass MFA

The attacks involve both financially motivated cybercriminal groups, such as TA2723, and state-backed threat actors.  ​ Read More  ​ 
Posted by Samir K December 22, 2025
From Cybersecurity Help – Nefilim ransomware affiliate pleads guilty, faces up to 10 years in prison
Posted inVulnerabilities

From Cybersecurity Help – Nefilim ransomware affiliate pleads guilty, faces up to 10 years in prison

Stryzhak gained access to the Nefilim ransomware platform in June 2021 in exchange for 20 percent of any ransom proceeds.  ​ Read More  ​ 
Posted by Samir K December 22, 2025
From Cybersecurity Help – Cyber Security Week in Review: December 19, 2025
Posted inVulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: December 19, 2025

In brief: SonicWall, Sisco, WatchGuard patch actively exploited zero-days, the Clop extortion group targets CentreStack file servers, and more.  ​ Read More  ​ 
Posted by Samir K December 19, 2025
From Cybersecurity Help – French intelligence investigate suspected foreign spyware operation on ferry
Posted inVulnerabilities

From Cybersecurity Help – French intelligence investigate suspected foreign spyware operation on ferry

The probe was launched after French authorities received intelligence from Italy indicating that the ferry’s IT system had been infected with a RAT.  ​ Read More  ​ 
Posted by Samir K December 18, 2025
From Cybersecurity Help – SonicWall and Cisco warn of zero-day attacks targeting network security appliances
Posted inVulnerabilities

From Cybersecurity Help – SonicWall and Cisco warn of zero-day attacks targeting network security appliances

Attacks involving Cisco SEG and SEWM appliances have been attributed to a suspected Chinese threat group known as UAT-9686.  ​ Read More  ​ 
Posted by Samir K December 18, 2025
From Cybersecurity Help – GhostPoster campaign hides malware in Firefox extension logos
Posted inVulnerabilities

From Cybersecurity Help – GhostPoster campaign hides malware in Firefox extension logos

The campaign involves at least 17 compromised Firefox extensions that use steganography to conceal a JavaScript loader within PNG logo files.  ​ Read More  ​ 
Posted by Samir K December 17, 2025
From Cybersecurity Help – A major fraud operation dismantled in Ukraine
Posted inVulnerabilities

From Cybersecurity Help – A major fraud operation dismantled in Ukraine

Scammers allegedly tricked victims into installing remote access software, allowing criminals to steal online banking credentials.  ​ Read More  ​ 
Posted by Samir K December 17, 2025
From Cybersecurity Help – Urban VPN Proxy extension reportedly found harvesting AI chat conversations
Posted inVulnerabilities

From Cybersecurity Help – Urban VPN Proxy extension reportedly found harvesting AI chat conversations

The extension includes scripts designed to capture conversations across major platforms such as ChatGPT, Claude,  and Gemini.  ​ Read More  ​ 
Posted by Samir K December 17, 2025

Posts pagination

1 2 3 … 94 Next page

Latest Posts

  • From Schneier on Security – Friday Squid Blogging: Squid CamouflageDecember 27, 2025
  • From The Hacker News – Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious CodeDecember 26, 2025
  • From Dark Reading – Mentorship and Diversity: Shaping the Next Generation of Cyber ExpertsDecember 26, 2025
  • From The Hacker News – China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot MalwareDecember 26, 2025
  • From Dark Reading – As More Coders Adopt AI Agents, Security Pitfalls Lurk in 2026December 26, 2025