China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been linked to cyber espionage attacks noted in Southeast Asia and Japan. According to ESET, the group leverages Windows Group Policy to deploy malware across compromised networks and abuses cloud services such as Microsoft OneDrive and Google Drive for command-and-control operations.
Source: The Hacker News
Coordinated Credential-Based Campaign Targets Cisco and Palo Alto Networks VPN Gateways
GreyNoise is tracking a coordinated, automated credential-based campaign targeting enterprise VPN authentication infrastructure, including Cisco SSL VPN and Palo Alto Networks GlobalProtect. The activity consists of large-scale scripted login attempts rather than vulnerability exploitation and appears to be a single campaign pivoting across multiple VPN platforms.
Source: GreyNoise
Lazarus Group Embed New BeaverTail Variant in Developer Tools
Darktrace research has identified a new variant of the JavaScript-based BeaverTail infostealer linked to North Korea’s Lazarus Group. The malware is distributed through fake job offers that lure developers into downloading tools supposedly required for technical interviews, which instead compromise victim systems.
Source: Hackread
Clop Ransomware Targets Gladinet CentreStack in Data Theft Attacks
The Clop ransomware gang is targeting internet-exposed Gladinet CentreStack file servers as part of a new data theft extortion campaign. Attackers are actively scanning for exposed servers, breaching them, and leaving ransom notes, despite previous security updates released by Gladinet to address exploited vulnerabilities.
Source: BleepingComputer
Rust’s First Breach: CVE-2025-68260 Marks the First Rust Vulnerability in the Linux Kernel
A vulnerability tracked as CVE-2025-68260 has been fixed in the Linux kernel, marking the first officially assigned CVE for Rust code in the mainline kernel. The issue affects the Rust-based Android Binder driver and could lead to system crashes due to unsafe concurrent manipulation of linked list elements.
Source: Security Online
© 2026 AresISEC