PureHVNC RAT Evades Defenses with Fake Jobs & PowerShell
Netskope Threat Labs has uncovered a stealthy malware campaign delivering the PureHVNC Remote Access Trojan (RAT), using a multi-layer infection chain designed to evade modern security tools. Active throughout 2024, [...]
Nifty[.]com Infrastructure Exploited in Phishing Attack
Between April and May 2025, threat actors launched a multi-wave phishing campaign by exploiting the trusted infrastructure of Nifty[.]com, a major Japanese ISP. Instead of spoofing domains, they registered free [...]
Cloud Devices Under Attack: 251 IPs Exploit 75 Flaws
On May 8, 2025, cybersecurity analysts at GreyNoise identified a large-scale and tightly coordinated scanning campaign that swept across 75 known exposure points on the internet—all within a 24-hour window. [...]
Evertz SDN Vulnerability Allows Arbitrary Command Execution
A critical vulnerability (CVE-2025-4009) was found in Evertz’s Software Defined Video Network (SDVN) products, allowing attackers to run remote code without logging in. Evertz SDN Vulnerability Discovered by ONEKEY Research [...]
Mozilla Urgently Patches Firefox Pwn2Own 2025 Flaws
At this year’s Pwn2Own Berlin, researchers revealed two new zero-day flaws in Mozilla Firefox, targeting its content process. These bugs—CVE-2025-4918 and CVE-2025-4919—were found in Firefox’s JavaScript engine. They allowed attackers [...]
Get Social