The DeceptiveDevelopment malware campaign, linked to North Korean cybercriminals, exploits freelance software developers in the cryptocurrency sector through fake job offers and sophisticated phishing tactics.
A critical authentication bypass vulnerability in Palo Alto Networks’ PAN-OS, CVE-2025-0108, has been discovered and is being actively exploited, allowing attackers to gain root access to affected systems.
The “Ghost” ransomware group, also known as Cring and Crypt3r, has been conducting widespread cyberattacks since 2021, targeting critical infrastructure and exploiting vulnerabilities in software such as Fortinet FortiOS and Microsoft Exchange.
Mobile phishing attacks, or “mishing,” have surged significantly, exploiting the unique vulnerabilities of mobile devices and targeting both personal and corporate users through advanced social engineering techniques.
The United Kingdom has sanctioned ZSERVERS, a key player in the Russian cybercrime infrastructure, along with its affiliates and a UK front company, to enhance national security and disrupt ransomware operations targeting the UK.
DeepSeek’s R1 AI model has been criticized for its high failure rate in security tests, making it vulnerable to various exploits and leading to bans and scrutiny from multiple countries and organizations.
