NightEagle APT (APT-Q-95) is exploiting an unknown Exchange zero-day to target China's strategic industries, using fileless malware and exfiltrating machineKey for remote email access.

IBM X-Force reveals Azure Arc can be exploited for RCE and privilege escalation via hardcoded secrets, recoverable credentials, and overscoped roles, turning it into a stealthy threat vector.

OpenAI has again confirmed that it will unify multiple models into one and create GPT-5, which is expected to ship sometime in the summer.

TRM Labs' analysis of the Nobitex hack reveals Iran's crypto exchange was engineered for sanctions evasion, featuring deep fiat integration and blockchain obfuscation to defy surveillance.

Socket uncovers a sprawling network of malicious Firefox extensions, masquerading as games, VPNs, and tools, to hijack affiliate links, steal OAuth tokens, and reroute traffic.

Splunk uncovers XWorm's evolution: a modular RAT now delivering LockBit ransomware. It uses flexible delivery, AMSI/ETW bypasses, and process injection to evade detection.

Taiwan's National Security Bureau warns against Chinese apps like TikTok, WeChat, and Rednote, citing excessive data collection and transfer to China as national security risks.

APT36 (Transparent Tribe) is now targeting Indian government agencies via BOSS Linux with spear-phishing. It uses malicious .desktop files to deploy Go-based malware for espionage.

SpyCloud Labs exposes VenusTech & Salt Typhoon data leaks on DarkForums, revealing contract details for Chinese hack-for-hire operations against foreign targets, including military links.

NSFOCUS uncovers Hpingbot, a rapidly evolving Go-based botnet using Pastebin for payloads and hping3 for DDoS. It targets Windows/Linux/IoT, focusing on stealth and persistence.

Synacktiv unveils chained flaws in ScriptCase's prod console (CVE-2025-47227/47228) allowing pre-authenticated RCE via password reset & shell injection, risking web servers.

Apple's H2 2025 roadmap: iPhone 17 series (new Air model), Apple Watch Ultra 3 (5G/satellite), M5 Macs/iPads, and refreshed smart home devices, totaling over 15 new products.

Redis discloses CVE-2025-48367 (CVSSv4 7.0), a DoS flaw where authenticated clients can misuse multi-bulk commands. No direct code fix is planned; reinforce access controls.

A flaw (CVE-2025-48367, CVSS 7.0) in Redis HyperLogLog allows authenticated RCE via out-of-bounds writes. PoC available. Update to 8.0.3, 7.4.5, 7.2.10, or 6.2.19!

Pakistan-based threat actor APT36, also known as Transparent Tribe, has significantly evolved its cyber-espionage capabilities by launching a sophisticated campaign specifically targeting Indian defense personnel through weaponized ZIP files designed to compromise…

Best Network Security Solutions for CSO :1. Palo Alto Networks 2. Fortinet 3. Perimeter81 4. Check Point Software 5. Juniper Networks

A newly highlighted vulnerability in the Linux boot process exposes a critical weakness in the security posture of many modern distributions.

Microsoft Edge continues to actively discourage Google Chrome downloads using ads and warnings, though these tactics have ceased within the EU due to regulatory pressure.

Microsoft has officially removed the outdated and vulnerable PowerShell 2.0 from Windows 11 (starting with Build 27981), streamlining the OS and bolstering security.

TikTok is launching a new "M2" app by Sept 5 to comply with US divestment law, as ByteDance nears a deal with Oracle, aiming to replace the current app by March 2026.

Microsoft revised KB5001716 to stop automatic Windows 11 upgrades, now only showing notifications about end-of-life or hardware issues for Windows 10/11 users.