Month: August 2025

Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes.
“In this incident, the threat actor used the tool to download and execute Visual Studio Code with the likely intention of creating a

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. 
The flaws, per watchTowr Labs, are listed below –

CVE-2025-53693 – HTML cache poisoning through unsafe reflections
CVE-2025-53691 – Remote code execution (RCE) through insecure deserialization
CVE-2025-53694 –

The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments.
“Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,

Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances.
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows –

CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user

Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks.
Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024.
The attacks are characterized by the