- Check Point uncovers Iranian-aligned Nimbus Manticore's (UNC1549) spear-phishing campaign hitting defense, telecom, and aviation in Denmark, Sweden, Portugal. Fake job portals deliver MiniJunk backdoor and MiniBrowse stealer via advanced DLL side-loading—boost phishing defenses now.
- Cybercriminals leverage Dynamic DNS services to evade detection and build persistent command-and-control networks, abusing 70,000+ domains with minimal oversight. APT groups like Fancy Bear and Chinese hackers use obfuscation and rotations—defenders face growing challenges in mitigation.
- Threat actors use in-memory PE loaders to download and run malicious executables (e.g., RATs) via Windows APIs like VirtualAlloc and LoadLibraryA, evading file-based EDR like Microsoft Defender/Sophos. Learn the technique's steps, red team success, and need for memory/behavioral defenses.
- Microsoft's September 2025 Patch Tuesday updates disrupt SMBv1 connectivity over NetBT in Windows 11/10 and Servers (2022/2025), exposing legacy risks like EternalBlue/WannaCry. Learn affected systems, security dangers, PowerShell fixes, and migration tips to SMBv2/3.
- Zero Salarium's EDR-Freeze proof-of-concept uses Windows' MiniDumpWriteDump to freeze EDR and antivirus software indefinitely, offering a stealthy alternative to BYOVD attacks without third-party drivers or detection risks.
- RevengeHotels (TA558) escalates cyberattacks with AI-crafted loaders delivering VenomRAT malware, targeting Windows users via phishing. The malware features stealth, persistence, and encrypted communication.
- A severe remote code execution vulnerability in Progress OpenEdge AdminServer’s Java RMI interface (CVE-2025-7388) lets attackers execute commands with elevated privileges. Update to LTS versions 12.2.18 or 12.8.9 immediately.
- Cybercriminals use a fake Microsoft Teams download site to distribute the Odyssey macOS stealer, stealing credentials, crypto wallets, and sensitive data. Learn how to protect your Mac.
- A sophisticated OneDrive spearphishing campaign targets corporate executives with fake HR emails and Microsoft Office 365 login pages to steal credentials. Learn how to recognize and prevent this threat.
- Researchers found 8 malicious NPM packages targeting Windows Chrome users with obfuscated code to steal passwords, credit cards, and crypto wallets. Learn more.