ICYMI: 2025-10-22
Latest Headlines
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch
Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
Critical Vulnerabilities Patched in TP-Link’s Omada Gateways
Keycard Emerges From Stealth Mode With $38 Million in Funding
Russian APT Switches to New Backdoor After Malware Exposed by Researchers
Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025
Hackers Weaponizing OAuth Applications for Persistent Cloud Access Even After Password Reset
Critical Vulnerability in MCP Server Platform Exposes 3,000+ Servers and Thousands of API Keys
Critical Argument Injection Vulnerability in Popular AI Agents Let Attackers Execute Remote Code
New PassiveNeuron Attacking Servers of High-Profile Organizations to Implant Malware
New Tykit Phishing Kit Mimics Microsoft 365 Login Pages to Steal Corporate Account Credentials
Multiple Gitlab Security Vulnerabilities Let Attackers Trigger DoS Condition
Decoding Microsoft 365 Audit Log Events Using Bitfield Mapping Technique – Investigation Report
Chinese Hackers Using ToolShell Vulnerability To Compromise Networks Of Government Agencies
Iranian hackers targeted over 100 govt orgs with Phoenix backdoor
Hackers exploiting critical “SessionReaper” flaw in Adobe Magento
TARmageddon flaw in abandoned Rust library enables RCE attacks
Meta launches new anti-scam tools for WhatsApp and Messenger
FinWise data breach shows why encryption is your last defense
PhantomCaptcha ClickFix attack targets Ukraine war relief orgs
Sharepoint ToolShell attacks targeted orgs across four continents
– MTZ