Microsoft Teams Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53783
HTTP/2 implementations are vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames
https://kb.cert.org/vuls/id/767506
CERT/CC Vulnerability Note VU#767506
Linux_Server_Administration_guide.pdf
1.2 MB
Master Linux Server Administration
QuirkyLoader - A new malware loader delivering infostealers and RATs
https://www.ibm.com/think/x-force/ibm-x-force-threat-analysis-quirkyloader
Watch out! There’s a new malware loader spreading additional infection to already compromised systems. Read more about QuirkyLoader and what IBM X-Force has learned about it.
Unmasking the DPRK-linked GitHub C2 Espionage Campaign
https://www.trellix.com/blogs/research/dprk-linked-github-c2-espionage-campaign/
The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign
The Trellix Advanced Research Center uncovered a sophisticated espionage operation targeting diplomatic missions across several regions in South Korea during early 2025.
Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
Anatsa malware (a.k.a. TeaBot) attacks Android devices and targets financial applications. Anatsa, first discovered in 2020, is capable of stealing credentials, monitoring keystrokes, and facilitating fraudulent transactions:
https://www.zscaler.com/blogs/security-research/android-document-readers-and-deception-tracking-latest-updates-anatsa
Anatsa’s Latest Updates | ThreatLabz
This analysis explores the latest updates to the Anatsa Android malware family.
SpyVPN: The Google-Featured VPN That Secretly Captures Your Screen
Most people turn to a VPN for one reason: privacy. And with its verified badge, featured placement, and 100k+ installs, FreeVPN.One looked like a safe choice. But once it’s in your browser, it’s not working to keep you safe, it’s continuously watching you:
https://www.koi.security/blog/spyvpn-the-vpn-that-secretly-captures-your-screen
Proxyware Malware Being Distributed on YouTube Video Download Site
Evil YouTube downloaders:
https://asec.ahnlab.com/en/89787/
Proxyware Malware Being Distributed on YouTube Video Download Site - 2 - ASEC
CVE-2025-48384: Git vulnerable to arbitrary file write on non-Windows systems
...Git CLI on macOS and Linux, issue the command git --version and check to see if the returned version is not on v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, or v2.50.1:
https://securitylabs.datadoghq.com/articles/git-arbitrary-file-write/
Fixes for Exploited Git Vulnerabilities
https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/
ShadowCaptcha
ClickFix technique and fake Google/Cloudflare CAPTCHA pages:
https://www.gov.il/en/pages/shadowcaptch-campaign
APT36 Malware Campaign Using Desktop Entry Files and Google Drive Payload Delivery
https://cloudsek.com/blog/investigation-report-apt36-malware-campaign-using-desktop-entry-files-and-google-drive-payload-delivery
Pakistan-linked APT36 (Transparent Tribe) launched a new cyber-espionage campaign targeting Indian government and defense entities. Active in August 2025, the group used phishing ZIP files containing malicious Linux “.desktop” shortcuts that downloaded payloads…
FreePBX zero-day
https://community.freepbx.org/t/security-advisory-please-lock-down-your-administrator-access/107203
Security Advisory: Please Lock Down Your Administrator Access
The Sangoma FreePBX Security Team is aware of a potential exploit affecting some systems with the administrator control panel exposed to the public internet. AUG. 28 GOOD NEWS: FIX IS NOW DEPLOYED IN STABLE REPOS FOR AFFECTED SUPPORTED VERSIONS, INCLUDING…
ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies
https://research.checkpoint.com/2025/zipline-phishing-campaign/
ZipLine Phishing Campaign Targets U.S. Manufacturing - Check Point Research
Check Point Research exposes ZipLine, an advanced phishing campaign targeting U.S. manufacturing with MixShell malware and AI-themed lures
WhatsApp Emergency Updates - Zero-Click Exploit on iOS and macOS Devices
https://www.whatsapp.com/security/advisories/2025/
WhatsApp Security Advisories 2025 - List of security fixes for WhatsApp products
Detecting Microsoft Teams Phishing: Hunting the Fake IT Helpdesk Threat
https://www.hunters.security/en/blog/microsoft-teams-phishing-fake-it-helpdesk?utm_campaign=21008660-%5BThreat%20research%5D%20Microsoft%20Teams%20Phishing
Microsoft Teams phishing is rising fast. See how attackers bypass defenses—and get practical detection logic and hunting queries for your SOC.