InfoSec News 20250121

  • Published: Tue, 21/01/2025 - 15:00

Top News


  • CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now

"Popular file archiver, 7-Zip, contained a flaw that could have allowed attackers to slip malware past Windows’ security defenses."

Link

TLP1 : Green

  • CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits

"The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests."

Link

TLP1 : Green

  • DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection

"The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties

"A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity."

Link

TLP1 : Green

  • Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes

"Marco Raquan Honesty has pleaded guilty to his roles in several fraud schemes, including smishing, identity theft, and bank account takeover."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • HPE investigates breach as hacker claims to steal source code

"Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company's developer environments."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • TP-Link Vulnerability: PoC Exploit for CVE-2024-54887 Reveals Remote Code Execution Risks

"Security researcher Joward has published an in-depth analysis and Proof of Concept (PoC) exploit for a critical vulnerability, tracked as CVE-2024-54887, affecting TP-Link TL-WR940N routers."

Link

TLP1 : Green

  • IBM Sterling Secure Proxy Faces Multiple Critical Vulnerabilities: A Call for Immediate Action

"IBM has disclosed multiple critical vulnerabilities affecting its Sterling Secure Proxy (SSP), a critical solution for secure data transfer across business networks. These vulnerabilities, which could allow attackers to inject commands, access sensitive information, or cause denial of service."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Scam Yourself attacks: How social engineering is evolving

"We’ve entered a new era where verification must come before trust, and for good reason. Cyber threats are evolving rapidly, and one of the trends getting a fresh reboot in 2025 is the “scam yourself” attacks."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Gootloader inside out

"Open-source intelligence reveals the server-side code of this pernicious SEO-driven malware - without needing a lawyer afterward"

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp