WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...

Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet's CentreStack and Triofox products for secure remote file access and ...
The Hacker News

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

Kaspersky reports ForumTroll phishing attacks targeting Russian academics, using fake eLibrary emails, personalized files & Windows malware delivery.

Threat actor landscape: What every CISO must know to stay ahead

Threat actors include Scattered Spider (UNC3944), Black Basta, RansomHub, and NoEscape. TTPs comprise SIM-swapping to bypass ...
The Hacker News

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Researchers uncover malware campaigns using cracked software and compromised YouTube videos to deliver CountLoader, ...

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
ZAWYA

ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files

ESET researchers offer a deep dive analysis of the CVE 2025 50165 vulnerability and provide their method to reproduce the crash using a simple 12-bit or 16-bit JPG image, and an examination of the ...

Dangerous WebRAT malware now being spread by GitHub repositories

Cybersecurity researchers Kaspersky said they found 15 malicious repositories hosted on GitHub. These repositories, apparently crafted with the help of Generative Artificial Intelligence (Gen AI), ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...
Hackaday

Surviving The RAM Apocalypse With Software Optimizations

To the surprise of almost nobody, the unprecedented build-out of datacenters and the equipping of them with servers for ...
Security Boulevard

Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft ...