ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, and the Rise of Trusted Service Abuse
The Silent Shift: Exploiting Trust Over CodeThis week’s threat landscape reveals a disturbing pattern: attackers are no longer just breaking doors; ...
New Osiris Ransomware Strain Emerges Using POORTRY Driver in BYOVD Attacks
The Rebirth of Osiris: A Brand New ThreatCybersecurity researchers have uncovered a sophisticated new ransomware family dubbed Osiris. While the name ...
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Sector
The Strategic Shift in Business Email Compromise (BEC)Microsoft Defender Security Research Team has issued an urgent warning regarding a highly sophis...
Phishing Campaign Weaponizes Legitimate LogMeIn RMM for System Persistence
The Rise of "Tool-Based" BackdoorsResearchers have uncovered a "Dual-Vector" campaign that uses stolen credentials to deploy LogMeIn (GoTo Resolve)—...
TikTok Forms U.S. Joint Venture to Avert Ban Under 2025 Executive Order
The Deal Finalized: TikTok USDS JVTikTok has officially announced the formation of TikTok USDS Joint Venture LLC. This move complies with the Septembe...
Fortinet Confirms Active SSO Bypass on Fully Patched FortiGate Firewalls
Security Alert: Patched Firewalls Under SiegeFortinet has confirmed a disturbing new development: hackers are successfully bypassing FortiCloud SSO (S...
CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
CISA Warning: Four New Active ThreatsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four high-risk security flaws to its K...
The Dawn of Agentic Warfare: Chinese Hackers Weaponize Anthropic’s AI for Autonomous Cyber Attacks
The Evolution of the "Autonomous Cyber Attack Agent"In a historic and alarming shift in the cyber landscape, mid-September 2025 marked the first time ...
