InfoSec News 20250306

  • Published: Thu, 06/03/2025 - 15:30

Top News


  • Google Introduces New AI-Powered Scam Detection Features for Android

Google has launched two new AI-powered tools to detect conversational scams on Android devices. The new features, Scam Detection for messages and Scam Detection for calls, were introduced in a Google blog post published on March 4.

TLP¹: Green

  • CVE-2025-26776 (CVSS 10) in Chaty Pro Plugin Exposes Thousands of WordPress Sites to Takeover

A critical vulnerability has been discovered in the Chaty Pro plugin for WordPress, potentially allowing attackers to completely take over websites. With an estimated 18,000 active installations, this plugin, which provides a chat button for website visitors to connect via various platforms like WhatsApp and Facebook Messenger, is now confirmed to have a serious security flaw.

TLP¹: Green

  • Rural hospitals in US need to invest at least $70 million in cybersecurity, Microsoft finds

In a white paper published on Wednesday, the tech giant said the cost to mitigate basic cyber risks across all of the approximately 2,100 rural hospitals in the U.S. would be $70 million to $75 million. Each hospital would on average need to spend between $30,000 and $40,000.

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit

The suspected North Korean hackers behind the theft of more than $1 billion from crypto platform Bybit have completed the initial stage of laundering the funds.

TLP¹: Green

  • PayPal scam abuses Docusign API to spread phishy emails

The Docusign Application Programming Interface (API) allows “customers” to send emails that come from genuine Docusign accounts, and they can use templates to impersonate reputable companies.

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • CVE-2025-1080: LibreOffice Patches Security Flaw Allowing Arbitrary Script Execution

The Document Foundation has released security updates for LibreOffice to address a vulnerability that could allow attackers to execute arbitrary scripts. The vulnerability, tracked as CVE-2025-1080 and assigned a CVSS score of 7.2, affects LibreOffice versions prior to 24.8.5 and 25.2.1.

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Researchers Unveil APT28’s Advanced HTA Trojan Obfuscation Tactics

Security researchers have uncovered sophisticated obfuscation techniques employed by APT28, a Russian-linked advanced persistent threat (APT) group, in their HTA (HTML Application) Trojan.

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Open-source tool 'Rayhunter' helps users detect Stingray attacks

The Electronic Frontier Foundation (EFF) has released a free, open-source tool named Rayhunter that is designed to detect cell-site simulators (CSS), also known as IMSI catchers or Stingrays.

TLP¹: Green

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp