Google’s AI‑Powered Scam Shield on Android: What It Means for Users and Enterprises
TLDR Google’s AI defenses block over 10 billion scam messages monthly on Android devices. The system also blocks 100 million suspicious numbers using RCS. Employment fraud tops the list, followed by unpaid‑bill and investment…
Chrome Zero‑Day (CVE‑2025‑2783) Powers LeetAgent Spyware in Operation ForumTroll
TLDR Google Chrome contains a critical zero‑day (CVE‑2025‑2783) that lets attackers escape the sandbox. The flaw is used by Memento Labs to deliver LeetAgent spyware in a phishing campaign against…
China-Linked Smishing Triad Exploits 194K Domains to Target Global Brokerage Users
TLDR The Smishing Triad has registered 194,000+ malicious domains since Jan 2024. It targets brokerage accounts and has earned >$1 billion in three years. Infrastructure lives on US cloud services, but domains…
Bridging the Cybersecurity Perception Gap: A Practical Guide for Leaders and Teams
TLDR The Bitdefender 2025 assessment shows a stark confidence gap between security staff and mid‑level managers. Aligning perception with reality requires clear dialogue and shared metrics. What happened The Bitdefender…
MuddyWater’s Phoenix Campaign: How Iranian Espionage Threatens MENA Governments
TLDR Iranian espionage group MuddyWater deployed the Phoenix backdoor via phishing Word docs to over 100 MENA government entities. The campaign leveraged a hijacked email account and legitimate services to…
PolarEdge Botnet Exploits Cisco, ASUS, QNAP and Synology Devices – What You Need to Know
TLDR PolarEdge is a TLS‑based ELF botnet that targets Cisco routers, ASUS and QNAP NAS, and Synology devices. It exploits CVE‑2023‑20118 and turns compromised hardware into SOCKS5 proxies. Check firmware…
Understanding ClickFix: Why It Works and How to Defend Against It
TLDR ClickFix attacks trick users into executing malicious commands by copying code from compromised web pages. They succeed because users are unprepared, detection tools miss them, and EDR solutions often…
Silver Fox’s Winos 4.0 Expands Into Japan and Malaysia Using HoldingHands RAT
TLDR Silver Fox’s Winos 4.0 malware now attacks Japan and Malaysia. It spreads via malicious PDFs and uses the HoldingHands RAT for remote access and data theft. What happened The group known as Silver Fox…
Inside the .NET CAPI Backdoor Campaign Targeting Russian Auto and E‑Commerce Firms
TLDR A new .NET CAPI backdoor is targeting Russian automobile manufacturers and e‑commerce platforms. The malware arrives in phishing ZIPs, steals browser data, captures screenshots, and establishes persistence. What happened…
Microsoft Revokes Hundreds of Fraudulent Certificates Used by Vanilla Tempest in Ransomware Campaigns
TLDR Microsoft revoked over 200 fraudulent code‑signing certificates linked to the Vanilla Tempest threat actor. The certificates were used to sign malicious Teams installers, the Oyster backdoor, and Rhysida ransomware.…