Threat actors have been using multiple websites promoted through Google ads to distribute a convincing PDF editing app that delivers an info-stealing malware called TamperedChef. The campaign is part of a larger operation with multiple apps that can download each other, some of them tricking users into enrolling their system into residential proxies. More than
US Army awards RTX $1.7B for new missile defense radar production
A full scale model of Raytheon’s Lower Tier Air and Missile Defense Sensor, a next-generation radar that will defeat advanced threats like hypersonic weapons. (Photo courtesy of Raytheon) The U.S. Army awarded Raytheon a $1.7 billion contract to produce a new missile defense sensor that will replace the current Patriot system’s radar, according to an
WhatsApp patches vulnerability exploited in zero-day attacks
WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. The company says this zero-click flaw (tracked as CVE-2025-55177) affects WhatsApp for iOS prior to version 2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78. “Incomplete authorization of linked device synchronization messages in
Google warns Salesloft breach impacted some Workspace accounts
Google now reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to access a small number of Google Workspace email accounts in addition to stealing data from Salesforce instances. “Based on new information identified by GTIG, the scope of this compromise is not exclusive to
Pentagon forms new task force to fast-track counter-drone capabilities
The new Joint Interagency Task Force 401, announced Thursday, could help reshape a growing market projected to reach tens of billions of dollars over the next decade. (Pvt. 2nd Class James Newsome/Army) The Pentagon is scrapping its old playbook for defending against small drones, moving beyond years of evaluations and studies toward a model that
Storm-0501 hackers shift to ransomware attacks in the cloud
Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focusing on cloud-based encryption, data theft, and extortion. The hackers now abuse native cloud features to exfiltrate data, wipe backups, and destroy storage accounts, thereby applying pressure and extorting victims without deploying traditional ransomware encryption
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
Executive summary People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks. While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised
Google to verify all Android devs to block malware on Google Play
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from sideloaded apps sourced from outside the official Google Play app store. For apps on Google Play, there was already a requirement for publishers to provide a D-U-N-S (Data Universal Numbering System) number, introduced on August 31, 2023. Google says this has had a
Multiple vulnerabilities affecting NetScaler ADC and NetScaler Gateway devices
This alert has been written for technical IT services supporting organisations, such as critical infrastructure, and government. Background ASD’s ACSC is aware of multiple vulnerabilities impacting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products:• CVE-2025-7775 (Critical) involves a memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service.• CVE-2025-7776 (High) involves
Vulcan Elements wins Pentagon deals as $65M round fuels expansion
Vulcan Elements has landed more than $10 million in Defense Department contracts across every branch of the U.S. military. Here, an engineer demonstrates Vulcan’s commissioned strip caster. (Courtesy Vulcan Elements) Vulcan Elements, a 2-year-old startup manufacturing rare earth magnets in North Carolina, has quietly landed more than $10 million in Defense Department contracts across every