Threat actors are using a recently patched vulnerability in Microsoft WSUS, known as CVE-2025-59287, to distribute ShadowPad malware. This backdoor, linked to Chinese hacking groups, allows attackers to execute commands and install additional malicious tools on compromised systems.

This article analyzes a series of DNG image exploits discovered between July 2024 and February 2025, targeting the Quram library on Samsung devices. The exploits bypassed security by leveraging WhatsApp to deliver malicious images, ultimately aiming to execute code within a specific Samsung system service.

Kaspersky uncovered a cyber espionage campaign dubbed Operation ForumTroll, where sophisticated phishing emails led to infections via a zero-day exploit in Google Chrome. The malware identified, known as "Dante," was traced back to the Italian company Memento Labs and utilized advanced techniques to bypass browser security measures, highlighting ongoing vulnerabilities in web applications.