
Author: Redazione RHC

A 0Day bug for a WordPress plugin sold for 6000 euros in the underground

On one of Russia’s most popular forums for buying and selling vulnerabilities and attack tools, the thread appeared as a standard commercial ad, but its content is anything but trivial. A user going by the username “Baiden” is offering for sale the source code of an alleged zero-day bug in a WordPress plugin, a flaw that, according to the author, affects thousands of installations. The post states that the vulnerability allows “unauthorized” emails to be sent from vulnerable sites, either individually or in bulk, with messages generated from a configurable template. The author claims to have personally discovered the

Can a cyber attack reduce a country’s GDP? In the UK, it seems so!

The British economy contracted further in September, largely due to the cyber attack on car manufacturer Jaguar Land Rover (JLR) and its forced shutdown. A new report from the Office for National Statistics (ONS) records a 0.1% contraction in GDP and simultaneously revises the August figure down to zero, from the 0.1% growth previously reported. As a result, the country’s economy grew by only 0.1% in the third quarter, significantly below the 0.7% growth rate recorded at the beginning of the year. Other G7 countries are also posting similarly weak results: Germany, Italy, and Canada have seen stagnant

Triofox Antivirus Exploited to Install Remote Access Components

Google researchers warn that attackers are exploiting a critical vulnerability in Gladinet Triofox to remotely execute code with SYSTEM privileges, bypassing authentication and gaining complete control of the system. The vulnerability, identified as CVE-2025-12480 (CVSS score 9.1), lies in the access control logic: administrative privileges are granted if the request appears to come from localhost. This allows attackers to forge the HTTP Host header and enter the system without a password, according to experts at the Google Threat Intelligence Group (GTIG). Note that if the optional TrustedHostIp parameter is not configured in web.config, the localhost check becomes the only barrier, leaving installations

BazarLoader: The precursor malware used by RaaS gangs

BazarLoader (sometimes referred to as BazaLoader) is a “precursor malware” that provides initial backdoor access to an infected Windows host. Once a client is infected, criminals use this access to deliver additional malware, scan the environment, exploit other vulnerable hosts on the network, and launch the ransomware. The threat actor behind BazarLoader uses different methods to distribute this malware to potential victims. In early February 2021, researchers began reporting a call center-based method for distributing BazarLoader. This method uses trial-subscription-themed emails that encourage potential victims to call a specific phone number. A call center operator answers and directs

Emotet: The horse returns to a gallop more dangerous than ever

Emotet is a Trojan Horse malware that first began spreading in 2014 and went on to become one of the main cyber threats of the decade, affecting over 1.6 million devices. Emotet, a product of the MealyBug criminal organization, was initially used to steal banking credentials. Once installed, the malware could download various modules for data exfiltration. Some of these modules used brute-force algorithms to find passwords on the infected device, searching among those saved by the browser and on the machine. During its evolution, given the efficiency of the Trojan in its

Two 0-day attacks, one attack: the perfect strike against Citrix and Cisco. Amazon’s discovery

Amazon has reported a complex cyber attack in which the attackers simultaneously exploited two zero-day vulnerabilities present in Citrix and Cisco products. According to the company’s chief information security officer, CJ Moses, an unknown group gained access to systems by exploiting the flaws before they were made public and deployed custom malware. The incident was detected by Amazon’s MadPot honeypot network. Attempts were observed to exploit the vulnerability CVE-2025-5777 in Citrix NetScaler ADC and NetScaler Gateway, an out-of-bounds read error. This vulnerability allowed an attacker to remotely read the contents of the device’s memory

The Queen of Cryptocurrency Has Been Captured! She Stole $7 Billion in Bitcoin

A London court has sentenced 47-year-old Chinese woman Zhimin Qian, also known as Yadi Zhang, to 11 years and eight months in prison for laundering bitcoin obtained through the largest cryptocurrency Ponzi scheme in Chinese history. Between 2014 and 2017, the scheme defrauded over 128,000 people, costing them over $7.3 billion in cryptocurrency. The international investigation, conducted by British and Chinese law enforcement agencies, lasted seven years and led to the seizure of 61,000 bitcoins. At the time of the seizure, their value had risen to approximately $7.3 billion. This is the largest cryptocurrency seizure in UK history, surpassing even

Cyber Sabotage Alert: Volt Typhoon Prepares for Destructive Activities

The Australian Security Intelligence Organisation (ASIO) has raised the alarm about the readiness of authoritarian states to go beyond cyber espionage and directly sabotage critical infrastructure. Mike Burgess, head of ASIO, said foreign governments were increasingly considering targeting energy, telecommunications and financial networks with destructive cyberattacks. According to the agency head, in recent years intelligence agencies have observed a growing interest by several states in “high-impact” scenarios, from disrupting communications to spoofing or poisoning water supplies. Such actions, Burgess emphasized, are no longer just theoretical. According to ASIO, several countries have created special teams

Microsoft fixes 63 vulnerabilities, including an actively exploited zero-day

On November’s Patch Tuesday, Microsoft fixed 63 vulnerabilities, including a critical zero-day vulnerability that had already been exploited in attacks. This time, the fixes affected a wide range of Windows components and Microsoft products, from the operating system kernel to the Office suite and cloud solutions. According to the company itself, the most dangerous vulnerability affected the Windows kernel and allowed the escalation of system privileges; it has been assigned the identifier CVE-2025-62215. The flaw allowed local privilege escalation by exploiting incorrect synchronization during resource sharing. The bug was discovered by Microsoft’s internal threat intelligence team. Of the

Italy and Adult Sites: The Country Where Entry Is Forbidden… But If You Click Yes, It’s Okay

AGCOM reported that, in line with art. 13-bis of the Caivano decree (dl123/2023), from November 12, 2025, 47 adult websites accessible from Italy would have to introduce an identity verification system to prevent access by minors. This measure, anticipated for months, was heralded as a decisive step toward protecting young people online. However, one day after the deadline, the main adult portals are still freely accessible, without any additional verification. Visiting Pornhub, the world’s largest adult content hub, today, the site looks exactly the same: a home screen where the user