Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. Today’s highlight was Ken Gannon of Mobile Hacking Lab and Dimitrios Valsamaras of Summoning Team hacking the Samsung Galaxy S25 with a chain of five security flaws, earning $50,000 and 5 Master of Pwn points. Also, while PHP Hooligans needed only a single
Iranian hackers targeted over 100 govt orgs with Phoenix backdoor
State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. The threat actor is also known as Static Kitten, Mercury, and Seedworm, and it typically targets government and private organizations in the Middle East region. Starting August 19, the hackers launched a phishing campaign from
Vidar Stealer 2.0 adds multi-threaded data theft, better evasion
Security researchers are warning that Vidar Stealer infections are likely to increase after the malware developer released a new major version with upgraded capabilities. According to an announcement from the developer this month, Vidar 2.0 has been rewritten in C, supports multi-threaded data stealing, bypasses Chrome’s app-bound encryption, and features more advanced evasion mechanisms. Infostealer
DNS0.EU private DNS service shuts down over sustainability issues
The DNS0.EU non-profit public DNS service focused on European users announced its immediate shutdown due to time and resource constraints. Based in France, the service was built as a resilient infrastructure across several hosting providers in every member state of the European Union. The team behind DNS0.EU replaced all content on the website with a
TikTok videos continue to push infostealers in ClickFix attacks
Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware. ISC Handler Xavier Mertens spotted the ongoing campaign, which is largely the same as the one observed by Trend Micro in May. The TikTok videos seen by BleepingComputer pretend to offer instructions on
Google ads for fake Homebrew, LogMeIn sites push infostealers
A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. The campaign employs “ClickFix” techniques where targets are tricked into executing commands in Terminal, infecting themselves with malware. Homebrew is a popular open-source package management system that makes it easier to install
ConnectWise fixes Automate bug allowing AiTM update attacks
ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in its Automate product that could expose sensitive communications to interception and modification. ConnectWise Automate is a remote monitoring and management (RMM) platform used by managed service providers (MSPs), IT service companies, and internal IT departments in large enterprises. In typical deployments
Auction giant Sotheby’s says data breach exposed financial information
Major international auction house Sotheby’s is notifying individuals of a data breach incident on its systems where threat actors stole sensitive information, including financial details. The hack was detected on July 24 and the investigation took two months to determine the type of data stolen and the individuals impacted as a result. Sotheby’s is a
Capita to pay £14 million for data breach impacting 6.6 million people
The Information Commissioner’s Office (ICO) in the UK has fined Capita, a provider of data-driven business process services, £14 million ($18.7 million) for a data breach incident in 2023 that exposed the personal information of 6.6 million people. Capita is a major UK-based outsourcing and professional services company that provides consulting, digital, and software services to local
Multiple high-severity vulnerabilities in F5 products and incident impacting F5
This alert is intended for network and infrastructure teams, SOC analysts, and system administrators managing F5 products. Background: F5 have released an advisory regarding a cyber security incident that has affected certain F5 systems, with recommendations on what customers can do to help protect themselves. In addition to this advisory, F5 has issued its October
