CVE-2025-64770

creationtimestamp| type| source ---|---|--- 2025-11-20 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-02...

CISA: Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers

CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, have released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help internet service...

The price of ChatGPT’s erotic chat? $20/month and your identity

To talk dirty to ChatGPT, you may soon have to show it your driver’s license. OpenAI announced last month that ChatGPT will soon offer erotica—but only for verified adults. That sounds like a clever guardrail until you realize what “verified” might mean: uploading government identification to a...

Iranian Hackers Launch 'SpearSpecter' Spy Operation on Defense & Government Targets

The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps IRGC as part of a new espionage-focused campaign. The activity, detected in early September 2025 and assessed to be...

1 million victims, 17,500 fake sites: Google takes on toll-fee scammers

A Phishing-as-a-Service PhaaS platform based in China, known as “Lighthouse,” is the subject of a new Google lawsuit. Lighthouse enables smishing SMS phishing campaigns, and if you’re in the US there is a good chance you've seen their texts about a small amount you supposedly owe in toll fees...

On Hacking Back

Former DoJ attorney John Carlin writes about hackback, which he defines thus: "A hack back is a type of cyber response that incorporates a counterattack designed to proactively engage with, disable, or collect evidence about an attacker. Although hack backs can take on various forms, they are--­b...

📄 moew.government.bg Cross Site Scripting

moew.government.bg suffers from a cross site scripting vulnerability. It is unclear what vulnerable code base is being used or if it's custom, however, the researcher has not heard a response from the administrators for a year and they have not addressed the issue, putting their users at risk, so...

The Government Shutdown Is a Ticking Cybersecurity Time Bomb

Many critical systems are still being maintained, and the cloud provides some security cover. But experts say that any lapses in protections like patching and monitoring could expose government systems...

Cavalry Werewolf Hit Russian Government with New ShellNET Backdoor

Doctor Web uncovers a targeted cyberattack on a Russian government body by the Cavalry Werewolf group using a new ShellNET backdoor and Telegram-based control...

China-Linked Hackers Target Cisco Firewalls in Global Campaign

New reports show China-based hackers are targeting US federal, state, and global government networks via unpatched Cisco firewalls. Get the full details and necessary steps to secure devices...

Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data

Cybersecurity researchers have shed light on two different Android trojans calledBankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to...

Russia Arrests Meduza Stealer Developers After Government Hack

Russia arrests developers of the notorious Meduza Stealer MaaS operation. Learn how the group's ‘fatal error’ led to the crackdown on domestic cybercrime...

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025. The activity targeted diplomatic organizations in Hungary,...

Salt Typhoon APT Group: What Public Sector Leaders and Defenders Should Know

The Rapid7 Threat Focus: Salt Typhoon report profiles one of the most sophisticated and persistent state-sponsored threat actors operating today. Salt Typhoon, a Chinese espionage advanced persistent threat APT group linked to the Ministry of State Security MSS, has spent years infiltrating globa...

SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats

A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity "reveals a notable evolution in...

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign

A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe aka APT36, a...

PhantomCaptcha RAT Attack Targets Aid Groups Supporting Ukraine

SentinelLABS’ research reveals PhantomCaptcha, a highly coordinated, one-day cyber operation on Oct 8, 2025, targeting the International Red Cross, UNICEF, and Ukraine government groups using fake emails and a Remote Access Trojan RAT linked to Russian infrastructure...

CVE-2025-62498

creationtimestamp| type| source ---|---|--- 2025-10-23 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-01 2025-10-23 23:08:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m3vi3nl4kk2e...

Bitter APT Exploiting Old WinRAR Vulnerability in New Backdoor Attacks

South Asian hacking group Bitter APT-Q-37 is deploying a C backdoor using two new methods: a WinRAR flaw and malicious Office XLAM files, targeting government and military sectors...

CVE-2023-52236

creationtimestamp| type| source ---|---|--- 2025-10-21 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-04...