214 matches found
PT-2025-34562
🔥 Android under fire: Two high-severity bugs — CVE-2025-38805 and CVE-2025-38806 — have entered exploit kits. Attackers adapt quickly; don’t be the easy target. Details: https://t.co/tej1yYGlw1 Created by AI. Android ZeroDay...
PT-2025-34561
🔥 Android under fire: Two high-severity bugs — CVE-2025-38805 and CVE-2025-38806 — have entered exploit kits. Attackers adapt quickly; don’t be the easy target. Details: https://t.co/tej1yYGlw1 Created by AI. Android ZeroDay...
CVE-2025-5256
Summary: This advisory addresses an Open Redirection vulnerability in Mautic's user unlocking endpoint. This vulnerability could be exploited by an attacker to redirect legitimate users to malicious websites, potentially leading to phishing attacks or the delivery of exploit kits. Open Redirection...
CVE-2025-5256 Open Redirect vulnerability on user unlock path
Summary: This advisory addresses an Open Redirection vulnerability in Mautic's user unlocking endpoint. This vulnerability could be exploited by an attacker to redirect legitimate users to malicious websites, potentially leading to phishing attacks or the delivery of exploit kits. Open Redirection...
Mautic has an Open Redirect vulnerability on user unlock path.
Summary: This advisory addresses an Open Redirection vulnerability in Mautic's user unlocking endpoint. This vulnerability could be exploited by an attacker to redirect legitimate users to malicious websites, potentially leading to phishing attacks or the delivery of exploit kits. Open Redirection...
New Stealer Uses Invalid Cert To Compromise Systems
New Stealer Uses Invalid Cert To Compromise Systems By Mohinder Gill, Mallikarjun Wali and Sangram Mohapatro · November 07, 2024 A new Stealer has been making the rounds. Its name: Fickle. Fickle Stealer is a new Rust-based information stealer that spreads through various attack vectors, includin...
Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges
A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarusian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups. Maksim Silnikau aka Maksym Silnikov, 38, went by the onli...
Raccoon Infostealer operator extradited to the United States
A Ukrainian national, Mark Sokolovsky, has been indicted for crimes related to fraud, money laundering and aggravated identity theft and extradited to the United States from the Netherlands, the US Attorney’s Office of the Western District of Texas has announced. In March 2022, around the same ti...
A week in security (August 7 - August 13)
Last week on Malwarebytes Labs: Zoom clarifies user consent requirement when training its AI; Several hospitals still counting the cost of widespread ransomware attack; Old exploit kits still kicking around in 2023; YouTube makes sweeping changes to tackle spam on Shorts videos; Google's "browse...
Threat Roundup for June 2 to June 9
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 2 and June 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
" CVE-2021-31956" WIP PoC code for CVE-2021-31956 in preparat...
Threat Roundup for May 5 to May 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 5 and May 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Round up for February 10 to February 17
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 10 and Feb. 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
New Ransomware Variants Created Using Leaked Conti Source Code
Threat Level Attack Report. Summary: The leaked source code of the Conti ransomware has been used to create new strains of the ransomware. These new strains, which include Putin Team, ScareCrow, BlueSky, and Meow ransomware, are being distributed...
Threat Round up for November 11 to 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 11 and Nov. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Purple Fox Rootkit Now Propagates as a Worm
Purple Fox is an active malware campaign targeting Windows machines. Up until recently, Purple Fox’s operators infected machines by using exploit kits and phishing emails...
Raccoon Stealer returns with a new bag of tricks
The popular malware Raccoon stealer, which suspended operations after a developer allegedly died in the Ukraine invasion, has returned. Raccoon stealer is malware as a service, with the developers selling it to would-be users. The operation is a tightly-run ship, to the extent that customers have...
Bad Actors Are Maximizing Remote Everything
The rise of remote work and learning opened new opportunities for many people – as we’ve seen by the number of people who have moved to new places or adapted to “workcations.” Cybercriminals are taking advantage of the same opportunities – just in a different way. Evaluating the prevalence of...
DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly
The malware known as DirtyMoe has gained new worm-like propagation capabilities that allow it to expand its reach without requiring any user interaction, the latest research has found. "The worming module targets older well-known vulnerabilities, e.g., EternalBlue and Hot Potato Windows privilege...