SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress has released patches for multiple remote code execution and OS command injection flaws in MOVEit WAF and LoadMaster.
Bitdefender

What is a proxy server? How it works, types & risks

Learn what a proxy server is, how it works, the different types, and the hidden risks - so you can decide if it’s safe for ...
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...
SecurityWeek

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

The China-linked APT GopherWhisper has been using legitimate services and various Go-based backdoors in attacks.
WeLiveSecurity

GopherWhisper: A burrow full of malware

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...

ESET Research discovers new China-aligned group, GopherWhisper: It abuses messaging services Discord, Slack, and Outlook to spy

ESET Research has uncovered a new China-aligned APT group, which has been named GopherWhisper, that targets governmental ...

Threat actor uses Microsoft Teams to deploy new “Snow” malware

A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Did Trump share post threatening to release 'Vatican files' that could 'bring down' Catholic Church?

The claim circulated in the form of a screenshot purportedly showing a Truth Social post by President Donald Trump.