Attackers are making use of Windows shortcut (.lnk) files to dupe users into running malicious code on their systems.Researchers with Trend Micro’s Zerdo Day Initiative (ZDI) said that threat actors around the globe have been taking advantage of the Windows shell link shortcut format to execute malicious code on target machines.Dubbed ZDI-CAN-25373 (more on this … Read more
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. “The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis. “More than 1,600 victims were affected … Read more
A serious security vulnerability has been found in popular stalkerware apps, exposing the sensitive personal information and communications of millions of people. Stalkerware is a type of spyware, frequently used to spy on every message sent or received by a romantic partner, learn who they are speaking to on their phone, learn their location, or … Read more
A flaw rated “critical” in Nvidia server tools could potentially allow attackers to compromise AI servers.Researchers with Wiz identified the flaw last year, which could allow an attacker to escape a container and execute high level commands or view data from other containers on the host machine.Administrators are being advised to update their Nvidia Container … Read more
An unpatched vulnerability in the Ivanti Connect Secure VPN has been under active attack. Researchers with Google’s Mandiant Cloud security team said that one or more threat actors are currently exploiting CVE-2025-0282 for remote takeover attacks on targeted networks. The flaw, originally exploited as a zero-day vulnerability, has since been given an emergency patch and … Read more
