Critical Windows Kernel Zero‑Day and 62 Additional Flaws: What Every Defender Must Do

TLDR Microsoft released patches for 63 vulnerabilities, including a critical Windows Kernel zero‑day (CVE‑2025‑62215) that is being exploited in the wild. The flaw enables local privilege escalation; organizations must patch…

Stealth Logic Bombs Hidden in Popular .NET Packages Threaten Databases and PLCs

TLDR Nine NuGet packages contain hidden logic bombs. They will activate in 2027‑2028 to disrupt databases and industrial PLCs. What happened Security researchers discovered nine malicious NuGet packages on the…

Zero‑Click Samsung Flaw Used to Deploy LANDFALL Spyware: What You Need to Know

TLDR Samsung patched a remote code execution flaw (CVE‑2025‑21042) after it was used in the wild. The bug let attackers deliver LANDFALL spyware through malicious WhatsApp images. What happened Security…

China-Linked Hackers Exploit Legacy Vulnerabilities to Infiltrate a U.S. Policy NGO

TLDR A China‑linked threat actor breached a U.S. nonprofit that influences policy. The attackers used known Atlassian and Log4j flaws, installed…

Google Maps Adds Business Extortion Reporting to Fight Review Bombing

TLDR Google Maps introduces a reporting tool for fake‑review extortion. Businesses can now alert Google when scammers demand payment to delete false reviews. The feature aims to curb review‑bombing and protect merchant…

Inside the BlackCat Ransomware Indictments: What U.S. Companies Need to Know

TLDR U.S. prosecutors indicted three suspects for BlackCat ransomware attacks on five companies in 2023. The charges carry up to 50 years in prison and signal tougher enforcement against ransomware operators. What happened In…

Airstalk Malware: Nation‑State Exploitation of Mobile MDM APIs and What Enterprises Must Do

TLDR Nation‑state actors use Airstalk malware to abuse AirWatch MDM APIs. The threat targets browsers on corporate mobile devices; immediate detection and network controls are required. What happened Palo Alto…

AI‑Driven Code Hardening: Inside OpenAI’s Aardvark GPT‑5 Agent

TLDR Aardvark is an AI agent that scans code, finds vulnerabilities, and suggests patches automatically. It integrates with development pipelines and runs tests in isolated sandboxes to verify fixes. What…

Airstalk Malware Exploits AirWatch API in a Sophisticated Supply‑Chain Attack

TLDR Airstalk is a new, nation‑state‑backed malware that abuses the AirWatch MDM API to create covert command‑and‑control channels. It has PowerShell and .NET variants, steals browser data, and is aimed at business‑process‑outsourcing…

Brash Exploit Puts Chromium Browsers at Risk – A Deep Dive

TLDR Brash is a new exploit that crashes Chromium‑based browsers with one crafted URL. It abuses an un‑throttled document.title API to flood the UI thread and freeze the browser. What…