Top News

• Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware

"Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles for malicious payloads."

Link

TLP¹ : Green

Top News

• Researchers Defeat Content Security Policy Protections via HTML Injection

"In a breakthrough that challenges the perceived safety of nonce-based Content Security Policy (CSP), security researchers have demonstrated a practical method to bypass these protections by combining HTML injection, CSS-based nonce leakage, and browser cache manipulation."

Link

Top News

• Hunters International ransomware shuts down, releases free decryptors

​"The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom."

Link

TLP¹ : Green

Top News

• Cloudflare Puts a Default Block on AI Web Scraping

"Cloudflare has reversed its block on AI-crawling from optional to default, allowing finer grained crawling but only with agreement from all parties concerned."

Link

TLP¹ : Green

Top News

• Stealthy WordPress Malware Drops Windows Trojan via PHP Backdoor

"Last month, we encountered a particularly interesting and complex malware case that stood out from the usual infections we see in compromised WordPress websites."

Link

TLP¹ : Green

Top News

• Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

"A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit."

Link

TLP¹ : Green

Top News

• MOVEit Transfer Systems Hit by Wave of Attacks Using Over 100 Unique IPs

"A dramatic surge in scanning and exploitation activity targeting Progress Software’s MOVEit Transfer file-sharing platform has alarmed cybersecurity researchers and enterprise defenders worldwide."

Link

TLP¹ : Green

Top News

• Black Hat SEO Poisoning Search Engine Results For AI to Distribute Malware

"Zscaler ThreatLabz researchers recently uncovered AI-themed websites designed to spread malware. The threat actors behind these attacks are exploiting the popularity of AI tools like ChatGPT and Luma AI. "

Link

TLP¹ : Green

Top News

• NCSC Issues Alert on ‘UMBRELLA STAND’ Malware Targeting Fortinet FortiGate Firewalls

The National Cyber Security Centre (NCSC) has sounded the alarm over a newly identified malware dubbed “UMBRELLA STAND,” specifically targeting internet-facing FortiGate 100D series firewalls manufactured by Fortinet.

Link

TLP¹ : Green

Top News

• Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic

Large-scale attacks designed to bring down Internet services by sending them more traffic than they can process keep getting bigger, with the largest one yet, measured at 7.3 terabits per second, being reported Friday by Internet security and performance provider Cloudflare.

Link