F‑Droid at risk as Google enforces identity verification for all Android developers Summary of the change and immediate concern F‑Droid, the volunteer‑run catalog and installer for free and open‑source Android applications, has warned that Google’s new requirement for all Android developers to verify their identity could threaten the project’s continued operation. The change obligates developer…
“Battering RAM” Hardware Interposer Can Bypass Intel and AMD Cloud Defenses, Researchers Show Summary of the disclosure Researchers from KU Leuven and the University of Birmingham have demonstrated a practical hardware attack they call “Battering RAM,” using a low-cost interposer that sits in the DRAM channel and can bypass recent security protections on Intel and…
Phantom Taurus: China‑Linked Group Deploys Stealth Malware Against Governments and Telecoms Overview Security researchers at Palo Alto Networks Unit 42 have identified a previously undocumented, China‑aligned nation‑state actor they call “Phantom Taurus.” According to Unit 42, Phantom Taurus has operated for roughly two and a half years, targeting government and telecommunications organizations across Africa, the…
EvilAI Campaign: Malware Masquerading as AI Tools to Seed Global Intrusions Summary of the discovery Security researchers have identified a campaign in which threat actors use seemingly legitimate artificial intelligence (AI) and productivity tools as the delivery mechanism for malware. According to Trend Micro, attackers are deploying these AI-enhanced or productivity applications to slip malicious…
EvilAI Campaign: Malware Delivered Through Trojanized AI and Productivity Tools Summary of the discovery Security researchers at Trend Micro have identified a campaign in which threat actors distribute malware by posing as legitimate artificial intelligence (AI) tools and productivity software. The operators deliver trojanized installers and seemingly benign utilities that, once executed, establish footholds for…
Akira Ransomware Bypassing OTP-Protected SonicWall SSL VPN Accounts — What Practitioners Need to Know Overview of the incident Security researchers tracking ongoing attacks by the Akira ransomware group report the actors have been successfully authenticating to SonicWall SSL VPN accounts even when one-time passcode (OTP) multi-factor authentication (MFA) is enabled. Initial analysis suggests the likely…
EU Opens Antitrust Probe into SAP’s Aftermarket Support for On-Premise ERP What the Commission is investigating On 28 September 2025 the European Commission announced a probe into whether SAP has engaged in anti-competitive practices in the aftermarket services it provides for its on‑premise enterprise resource planning (ERP) software. The investigation focuses on the market for…
Malvertising and SEO Poisoning Deliver Fake Microsoft Teams Installers that Install Oyster Backdoor Summary of the campaign Security researchers have observed attackers using search engine optimization (SEO) poisoning and paid search advertisements to surface malicious pages that present fake Microsoft Teams installers to Windows users. When downloaded and executed, these installers deploy the Oyster backdoor,…
China-linked PlugX Variant and Bookworm Campaign Target Asian Telecoms and ASEAN Networks Summary of the campaign Security reporting highlights an ongoing campaign that is distributing a new variant of the PlugX backdoor (also known as Korplug or SOGU) while targeting telecommunications and manufacturing organizations across Central and South Asia, with impacts reported in ASEAN networks.…
Microsoft Tests AI Auto-Categorization for Photos on Windows 11 Overview Microsoft has begun testing a new AI-powered capability in the Microsoft Photos app that automatically organizes photos on Windows 11 devices. The feature, currently in testing, is intended to categorize images to make search and browsing faster and more intuitive. Microsoft’s announcement signals another major…