Top News

• China's DeepSeek just dropped a free challenger to OpenAI's o1 – here's how to use it on your PC

"El Reg digs its claws into Middle Kingdom's latest chain of thought model"

Link

TLP¹ : Green

Top News

• Stealthy and Persistent: New Ransomware Tactics Target VMware ESXi

"Sygnia’s latest report reveals the evolving tactics of ransomware groups targeting VMware ESXi appliances. By exploiting these critical virtualized infrastructure components, attackers aim to disrupt operations and maintain stealthy persistence within compromised networks."

Link

Top News

• TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

"Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks."

Link

TLP¹ : Green

Top News

• DLL Sideloading & Proxying: New Campaign Delivers Sliver Implants to German Targets

"Cyble Research and Intelligence Labs (CRIL) has uncovered an ongoing cyber campaign targeting German organizations using sophisticated tactics like DLL sideloading, proxying, and the deployment of the Sliver implant, an open-source red-teaming framework adapted for malicious purposes."

Link

Top News

• ChatGPT Crawler Vulnerability: DDoS Attacks via HTTP Requests

"The behavior of ChatGPT’s web crawler can be exploited through a discovered vulnerability: under specific query conditions, OpenAI’s bot may inadvertently execute DDoS attacks on arbitrary websites."

Link

TLP¹ : Green

Top News

• CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now

"Popular file archiver, 7-Zip, contained a flaw that could have allowed attackers to slip malware past Windows’ security defenses."

Link

TLP¹ : Green

Top News

• TikTok shuts down in the US as Trump throws the company a lifeline

"TikTok shut down in the U.S. late Saturday night following the Supreme Court's decision to uphold the law that banned the company over national security concerns."

Link

TLP¹ : Green

Top News

• Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

"Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration."

Link

TLP¹ : Green

Top News

• Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

New research has pulled back the curtain on a "deficiency" in Google's "Sign in with Google" authentication flow that exploits a quirk in domain ownership to gain access to sensitive data.

Link

TLP¹ : Green

Top News

• Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

"Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar."

Link