Information

25 Jul

ToolShell: An all-you-can-eat buffet for threat actors

Information

ESET Research ESET Research has been monitoring attacks involving the recently discovered ToolShell zero-day vulnerabilities ESET Research 24 Jul 2025  •  , 5 min. read On July 19th, 2025, Microsoft confirmed that a set of zero-day vulnerabilities in SharePoint Server called ToolShell is being exploited in the wild. ToolShell is comprised of CVE-2025-53770, a remote code execution vulnerability, and CVE‑2025‑53771, a server spoofing vulnerability. These attacks target on-premises Microsoft SharePoint servers, specifically those running SharePoint…

Read More
24 Jul

Phishers Target Aviation Execs to Scam Customers

Information, Insights

KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime ring that is actively targeting established companies in the transportation and aviation industries. Image: Shutterstock, Mr. Teerapon Tiuekhom. A reader who works in the transportation industry sent a tip about a recent successful phishing…

Read More
23 Jul

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

Information

Behind every free online service, there’s a price being paid. Learn why your digital footprint is so valuable, and when you might actually be the product. 22 Jul 2025 Your digital footprint is more valuable than you think. It’s not just a trail of data left behind by your online activity – it’s a goldmine of sensitive data. In this episode of Unlocked 403, Becks sits down with ESET Global Security Advisor Jake Moore to…

Read More
21 Jul

Microsoft Fix Targets Attacks on SharePoint Zero-Day

Information, Insights

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and energy companies. Image: Shutterstock, by Ascannio. In an advisory about the SharePoint security hole, a.k.a. CVE-2025-53770, Microsoft said it is aware of active attacks targeting on-premises SharePoint…

Read More
17 Jul

Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai

Data Breaches, Information, Insights

Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 firms. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam tell…

Read More
16 Jul

Unmasking AsyncRAT: Navigating the labyrinth of forks

Information

AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants. While its capabilities are not that impressive on their own, it is the open-source nature of AsyncRAT that has truly amplified its impact. This blogpost provides an overview and analysis of the most relevant forks of AsyncRAT, drawing connections between them and showing how they have evolved. Key…

Read More
14 Jul

DOGE Denizen Marko Elez Leaked API Key for xAI

Data Breaches, Information, Insights

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact directly with more than four dozen large language…

Read More
10 Jul

UK Arrests Four in ‘Scattered Spider’ Ransom Group

Information, Insights

Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have been linked to a prolific but loosely-affiliated cybercrime group dubbed “Scattered Spider,” whose other recent victims include multiple airlines. The U.K.’s National Crime Agency (NCA) declined verify the names of those arrested, saying only…

Read More
08 Jul

Microsoft Patch Tuesday, July 2025 Edition

Information, Insights

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize control over vulnerable Windows PCs with little or no help from users. While not listed as critical, CVE-2025-49719 is a publicly disclosed information disclosure vulnerability, with…

Read More
06 Jul

How to get into cybersecurity | Unlocked 403 cybersecurity podcast (S2E3)

Information

Cracking the code of a successful cybersecurity career starts here. Hear from ESET’s Robert Lipovsky as he reveals how to break into and thrive in this fast-paced field. 04 Jul 2025 What does it take to break into cybersecurity? Is there any best path? Do you need to be a coding prodigy? What college degree do you need? Indeed, do you need any? If these are some of the questions swirling in your mind, you’re…

Read More