Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
A suspected Russian hacking group known as Water Gamayun, also referred to as EncryptHub and LARVA-208, has been identified as the threat actor behind the zero-day exploitation of CVE-2025-26633 in Microsoft Windows. This vulnerability, also dubbed "MSC EvilTwin," enables attackers to deploy two new backdoors: SilentPrism and DarkWisp.
A set of five critical security vulnerabilities have been disclosed in the Ingress NGINX Controller for Kubernetes, potentially allowing unauthenticated remote code execution (RCE). This flaw puts over 6,500 clusters at immediate risk, particularly those with the component exposed to the public internet.
Citizen Lab Uncovers WhatsApp Zero-Day Exploited by Paragon’s Graphite Spyware
A recent investigation by The Citizen Lab at the University of Toronto has exposed the exploitation of a zero-day vulnerability in Meta’s WhatsApp by Graphite, a spyware developed by Israeli company Paragon Solutions. This discovery raises serious concerns about the use of commercial surveillance tools against individuals worldwide.
Over 300 Malicious Android Apps Installed 60 Million Times in 'Vapor' Campaign
A large-scale malware operation, dubbed "Vapor," has infiltrated Google Play, with over 300 malicious apps being downloaded 60 million times. These apps acted as adware, committed large-scale ad fraud, and attempted to steal user credentials and credit card information.
SuperBlack Ransomware Exploits Fortinet Vulnerabilities: A New Cyber Threat Emerges
A Russian-linked threat actor, identified as Mora_001, has been actively exploiting vulnerabilities in Fortinet firewalls to deploy a new ransomware variant known as SuperBlack. Security researchers at Forescout have uncovered this sophisticated campaign, highlighting the threat actor’s ties to established ransomware gangs and their use of advanced post-exploitation techniques.
Elon Musk Claims X Was Hit by a "Massive Cyber-Attack" Amid Service Outages
On Monday afternoon, Elon Musk alleged that X, the social media platform formerly known as Twitter, was the target of a "massive cyber-attack" that led to widespread service disruptions throughout the day. Users across the globe experienced difficulties accessing the platform, with posts failing to load and intermittent outages persisting for hours.
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
Broadcom has issued security updates to address three actively exploited zero-day vulnerabilities in VMware products. These flaws, reported by the Microsoft Threat Intelligence Center, impact VMware ESX solutions, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform.
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp A suspected Russian hacking group known as Wate...
