🔍 Critical flaws in Microsoft Teams could have allowed attackers to impersonate executives, spoof notifications, and alter messages — breaking the trust of a platform used by 320M+ people. Read more: https://t.co/Ya1UxMHRyl #VulnerabilityResearch #MicrosoftTeams #CyberSecurity

A new approach to static analysis with AI that turns days of research into hours. No MCP or live IDA required. Using GPT-5, we completely cracked XLoader v8, one of the most challenging malware families to analyze. #XLoader #MalwareAnalysis #AI

🚨 We uncovered #security #vulnerabilities in #Windows graphics. #CVE-2025-30388 and CVE-2025-53766 are #BufferOverflows enabling #RemoteCodeExecution. CVE-2025-47984 leaks memory over the network due to an incomplete fix. 👇 https://t.co/mK5qUol34V

LockBit is attempting a comeback! 🎯 The new ransomware variant “ChuongDong”, targeting Windows, Linux, and ESXi, is already in the wild with potential victims span the globe. Read more: https://t.co/UT8GZKqvca

🚨 Check Point Research uncovered a malware distribution network on #YouTube and reported over 3,000 malicious videos. Recent campaigns deliver the latest version of #Rhadamanthys #infostealer. Full report:

👻 Some ghosts never die. Even with #Rust in the #Windows kernel, the Blue Screen of Death still haunts us. We uncovered a #DoS vulnerability in the Rust-based #GDI component that can trigger system-wide crashes and hard reboots. More details in our blog https://t.co/UKDvjBwrkd

🚨 Rhadamanthys v0.9.2 is here! What’s new in this multi-layered stealer’s latest evolution? We break down the updates, tactics, and what defenders need to know. Dive into our blog for the full analysis. https://t.co/b5SL8bWR81

Iranian threat actor #NimbusManticore (aka Smoke Sandstorm) launches advanced malware campaigns targeting Western Europe’s defense & telecom sectors with fake HR lures and evolving stealthy tools. Read More --> https://t.co/8Elb5SXdaz

🧪 Under the Pure Curtain: From RAT to Builder to Coder A deep dive into the Pure malware ecosystem — from IR engagement with ClickFix campaign to Rust loader and PureHVNC RAT deployment. https://t.co/piMQvv4kf8

We analyzed #Yurei, a new ransomware group, and their open-source-based ransomware🔒. This research shows how open-source malware lowers the barrier, so that even low-skilled threat actors can run successful operations. https://t.co/fXJ4QrFpka

🚨 Chasing the Silver Fox: Cat & Mouse in Kernel Shadows CP<r> uncovers: 🦊 Silver Fox APT in the wild 🔓 New vuln driver amsdk.sys 🛡️ EDR/AV evasion via PP/PPL kill ⚔️ Dual-driver trick 🐀 ValleyRAT payload 🚩 Patched driver bypassed w/ 1-byte flip

Phishing, but backwards ↩️ ✉️ Meet #ZipLine, where actors flipped the script: the victims send the first e-mail. 👾 Weeks of back-and-forth later, attackers dropped #MixShell in ZIPs disguised as legal docs. Read more about this elaborate campaign: https://t.co/Kg0FznsHj5

📖 Full write-up here → https://t.co/7NnOY141nF Props to the @cursor_aiteam for fixing it quickly in v1.3. #CyberSecurity #AItools #SupplyChainSecurity #CursorIDE #CheckPointResearch #RCE

🌐 Wider implications: This flaw reveals a deeper trust issue in AI-assisted developer tools. As LLMs & automation get baked into coding workflows, securing the AI supply chain becomes critical.

Three months of confusion. One revelation: God was listening the whole time. Get the rest of the story on my page.

⚙️ How it works: After a user approves an MCP file, Cursor continues to trust it—even if it's later changed. This lets attackers inject malicious code without triggering new prompts.

🚨 New research alert Check Point Research discovered a critical RCE vulnerability (CVE-2025-54136) in Cursor, a fast-growing AI-powered IDE. The flaw allows persistent, silent code execution by modifying previously approved Model Context Protocol (MCP) configs. 🧵More below:

Unmasking the China-nexus #Storm2603 toolset that pre-dated the ToolShell wave. 📅Active since at least Apr 2025. 🔑Multiple ransomware deployed together: LockBit + Warlock. 💥Custom backdoors: ak47dns & ak47http. Read more --> https://t.co/ah6i4DT1FG

The State of Ransomware - Q2 : ⏳Disappearance of significant RaaS groups 🔧Decline in publicly posted victims 🔝Qilin – the new leader introduces innovative extortion methods 🔑Ongoing shift from encryption to data theft-based extortion https://t.co/fR5GR64TcY

Federal investigators are taking a closer look at the Black Lives Matter Global Network Foundation’s finances. What could this probe mean for transparency, accountability, and the broader nonprofit sector?