RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

by admin | Nov 15, 2025 | Uncategorized

The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution. The vulnerability in question is CVE-2025-24893 (CVSS score: 9.8), an eval...

Five U.S. Citizens Plead Guilty to Helping North Korean IT Workers Infiltrate 136 Companies

by admin | Nov 15, 2025 | Uncategorized

The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea’s illicit revenue generation schemes by enabling information technology (IT) worker fraud in violation of international sanctions. The...

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

by admin | Nov 14, 2025 | Uncategorized

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. “The threat actors have recently resorted to utilizing JSON storage services like JSON...

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

by admin | Nov 14, 2025 | Uncategorized

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These...

Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets

by admin | Nov 14, 2025 | Uncategorized

The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign. The activity, detected in early...