Ivanti EPMM Security Flaws Exploited By Hackers
Two newly identified Ivanti Endpoint Manager Mobile (EPMM) security flaws, are under active exploitation by a sophisticated hacking group believed to be operating from China. The vulnerabilities, when used together, enable attackers to bypass authentication and remotely execute malicious code, potentially giving them full control of targeted systems. The Vulnerabilities Explained Security experts have flagged two critical issues in Ivanti’s
Fake KeePass Version Executes Ransomware Attacks
A malicious version of the popular open-source password manager KeePass is being used to launch ransomware attacks on VMware ESXi servers. Security researchers have uncovered a trojanized variant, dubbed “KeeLoader” that mimics the real interface while silently compromising users' systems. Once installed, this fake KeePass plants a Cobalt Strike beacon and exfiltrates the user’s password database in plaintext. Thus, paving
UK Legal Aid Agency Data Breach: Sensitive Information Stolen
The UK Legal Aid Agency (LAA) has confirmed a significant data breach following a cyberattack. The attack compromised sensitive personal information of legal aid applicants, some of which dates back as far as 2010. The breach, uncovered on April 23, 2025, has sparked serious concerns about data protection in the public sector and the security of vulnerable individuals relying on
RVTools Website Hacked to Spread Bumblebee Malware
In a concerning case of software supply chain compromise, the official RVTools website was hacked to distribute malware. RVTools is a trusted utility used by VMware administrators. The installer, normally used to help IT professionals audit virtual environments, was tampered with to deliver the Bumblebee malware loader, a known precursor to ransomware attacks. This incident underscores the persistent and growing
Skitnet Malware Fuels Ransomware Attacks
Ransomware gangs are evolving fast, and their newest weapon, Skitnet malware, proves it. Known alternately as “Bossnet,” this emerging post-exploitation malware is gaining traction among threat actors like BlackBasta and Cactus. Designed for stealth, Skitnet leverages in-memory execution, DNS-based command and control, and anti-forensics to maintain a low profile while enabling persistent remote access. As its use spreads in phishing
Dynamic DNS: The Silent Partner in Modern Cybercrime
In the hectic atmosphere of cyber threats, attackers constantly seek new tools and techniques to evade detection. One such overlooked enabler is Dynamic DNS (DDNS). It’s a legitimate service that’s now being co-opted to power phishing campaigns, malware delivery, and command-and-control operations. While Dynamic DNS was originally designed to help users cope with changing IP addresses, its convenience has unintentionally
Procolored Distributed Malware-Laced Drivers for Half a Year
In an alarming cybersecurity lapse, popular printer brand Procolored has unknowingly distributed malware-infected drivers via its official website for at least six months. The infected software included a Remote Access Trojan (RAT) called XRedRAT and a cryptocurrency stealer known as SnipVex, both capable of compromising user systems and exfiltrating sensitive data. What Happened? The malware was embedded in driver installation
Steam Data Leaked Online – No Cause for Panic, Valve Says
A new cybersecurity scare rippled through the gaming community this week. Allegedly, Steam data leaked online with reports speculating that data from 89 million Steam accounts has been breached. However, Valve, the company behind the world’s largest PC gaming platform, has responded swiftly, stating that no breach occurred and user accounts remain secure. What Happened? On May 15, 2025, reports
Chrome Vulnerability Leaks Cross-Origin Data
Google has released an urgent security update for Chrome to patch a newly discovered zero-day vulnerability, tracked as CVE-2025-4664, that is currently being exploited by attackers in the wild. This high-severity flaw affects how Chrome handles cross-origin requests and could allow attackers to leak sensitive information from users simply by luring them to a malicious web page. What Is CVE-2025-4664?
CPU-Level Ransomware: Is It Possible and How Dangerous Is It?
Ransomware has officially leveled up. In a chilling new development, cybersecurity researchers have unveiled the world’s first proof-of-concept CPU-level ransomware - an attack so deeply embedded in hardware that it bypasses every traditional defense in the cybersecurity playbook. Unlike conventional ransomware that encrypts files through software-level exploits, this innovation taps directly into the processor’s microcode, rewriting the rules of engagement.
