Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks
New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite.
Emergency alerts go dark after cyberattack on OnSolve CodeRED
Cyberattack on OnSolve CodeRED disrupted emergency alert services for U.S. state, local, police, and fire agencies. A cyberattack on the OnSolve CodeRED alert platform disrupted emergency notification services used by U.S. state and local governments, police, and fire agencies. OnSolve CodeRED is a cloud-based emergency alert system used by U.S. state and local governments to […]
Fake Battlefield 6 Downloads Are Spreading Malware, Stealing Player Data
Bitdefender Labs found fake Battlefield 6 pirated copies and trainers spreading aggressive malware, C2 agents, and infostealers, designed to steal player data and crypto-wallets.
Bahrain to argue at UK supreme court it has immunity from surveillance claims
Gulf nation is accused of placing monitoring software on computers of two dissidents living in LondonBahrain is to tell the UK’s supreme court that it enjoys sovereign immunity from claims it placed surveillance software on the computers of two disside…
Dissecting a new malspam chain delivering Purelogs infostealer
The AISI Research Center’s Cybersecurity Observatory publishes the report “Dissecting a new malspam chain delivering Purelogs infostealer” – November 25, 2025. Organizational and personal security remains under constant threat from increasingly sophisticated attack vectors, with malspam continuing to represent one of the most widespread and effective initial infection vectors for distributing malware on a large […]
Morphisec warns StealC V2 malware spread through weaponized blender files
StealC V2 spread via malicious Blender files on 3D model sites like CGTrader, abusing Blender’s ability to run hidden Python scripts. Cybersecurity firm Morphisec reported that Russian threat actors are spreading StealC V2 infostealer via weaponized Blender files uploaded to 3D model marketplaces like CGTrader. The malware abuses Blender’s ability to run Python scripts for automation […]
Fake “Windows Update” screens fuels new wave of ClickFix attacks
A convincing (but fake) “Windows Update” screen can be the perfect lure for tricking users into infecting their computers with malware. Add a multi-stage delivery chain with some offbeat techniques, and infostealer operators have everything…
640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack
The new self-replicating worm iteration has destructive capabilities, erasing home directory contents if it cannot spread to more repositories.
The post 640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack appeared first on Sec…
CISA: Spyware and RATs used to target WhatsApp and Signal Users
CISA warns that threat actors are actively using commercial spyware and RATs to target users of mobile messaging apps WhatsApp and Signal. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of threat actors using commercial spyware and remote access trojans (RATs) to target users of popular instant messaging applications, including WhatsApp and Signal. […]
Shai Hulud npm Worm Impacts 26,000+ Repos in Supply Chain Attack
The Shai Hulud worm’s “Second Coming” has compromised over 26,000 public repositories. We detail the attacker’s mistake, the target packages, and mandatory security tips.