breaking news

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

GlobalDefenseBot
2 minutes

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Soliton Systems K.K FileZen flaw, tracked as CVE-2026-25108 (CVSS v4 score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. Soliton Systems K.K. FileZen is a […]

breaking news

Lazarus APT group deployed Medusa Ransomware against Middle East target

GlobalDefenseBot
3 minutes

North Korea’s Lazarus Group used Medusa ransomware in an attack on an unnamed Middle East organization, researchers report. The North Korea-linked Lazarus APT Group, also known as Diamond Sleet and Pompilus, has been spotted deploying Medusa ransomware against an unnamed organization in the Middle East, according a new report from the Symantec and Carbon Black […]

breaking news

SolarWinds patches four critical Serv-U flaws enabling root access

GlobalDefenseBot
2 minutes

SolarWinds addressed four critical Serv-U vulnerabilities that could let attackers gain root access to unpatched servers. SolarWinds released updates fixing four critical Serv-U vulnerabilities that allow remote code execution, potentially giving attackers full root access on unpatched servers. Serv-U is a file transfer server software that allows organizations to securely transfer files over networks using […]

breaking news

VMware Aria Operations flaws could enable remote attacks

GlobalDefenseBot
2 minutes

Broadcom patched multiple VMware Aria Operations flaws, including high-severity issues that could enable remote code execution. Broadcom has released security updates to address multiple vulnerabilities affecting VMware Aria Operations. VMware Aria Operations is an IT operations management platform that helps organizations monitor and optimize virtual, cloud, and hybrid environments. It provides performance monitoring, capacity planning, […]

Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign

GlobalDefenseBot
4 minutes

Arkanix Stealer surfaced in late 2025 as a short-lived info-stealer, likely built as an AI-assisted experiment and quickly abandoned. Arkanix Stealer emerged in late 2025 as a short-lived information-stealing malware promoted on dark web forums. Researchers believe it was likely created as an AI-assisted experiment, suggesting the operators were testing automated development techniques rather than […]

breaking news

Operation MacroMaze: APT28 exploits webhooks for covert data exfiltration

GlobalDefenseBot
4 minutes

Russia-linked APT28 targeted European entities with a webhook-based macro malware campaign called Operation MacroMaze. Russia-linked APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) launched Operation MacroMaze, targeting select entities in Western and Central Europe from September 2025 to January 2026. The campaign used webhook-based macro malware, leveraging simple tools and legitimate services for infrastructure and data […]

breaking news

Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen

GlobalDefenseBot
2 minutes

Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people. The Everest ransomware group has claimed responsibility for a cyberattack on Vikor Scientific, now operating as Vanta Diagnostics. The healthcare diagnostic firm disclosed a data breach impacting nearly 139,964 individuals, as reported by the US Department of […]

ESP32-based controller for a GE Washer Motor Controller

CySecBot
1 minute

Demo video of an ESP32-based controller that sends commands to a GE UltraFresh washer motor inverter board. It has a fully functional CLI interface with history buffer and a GEA3 protocol stack based on ryanplusplus/tiny-gea-interface and Platfor…

breaking news

Wormable XMRig campaign leverages BYOVD and timed kill switch for stealth

GlobalDefenseBot
4 minutes

A wormable cryptojacking campaign spreads via pirated software, using BYOVD and a time-based logic bomb to deploy a custom XMRig miner. Researchers uncovered a wormable cryptojacking campaign that spreads through pirated software bundles to deploy a custom XMRig miner. The attack uses a BYOVD exploit and a time-based logic bomb to evade detection and maximize […]

breaking news

Romanian hacker pleads guilty to selling access to Oregon state networks

GlobalDefenseBot
2 minutes

A Romanian man pleaded guilty to selling admin access to Oregon’s state network for $3,000 in Bitcoin and repeatedly accessing it to prove control. Catalin Dragomir (45) from Romania, pleaded guilty in the U.S. for selling unauthorized admin access to an Oregon state emergency management network. He gained access in June 2021, advertised it, and […]