Over 75,000 WatchGuard Security Devices Vulnerable to Critical RCE

Nearly 76,000 WatchGuard Firebox network security appliances are exposed on the public web and remain vulnerable to a critical flaw (CVE-2025-9242) that allows unauthenticated remote code execution. Most affected devices are located in Europe and North America, with the U.S. leading (24,500 devices), followed by Germany, Italy, the U.K., Canada, and France.

Source: BleepingComputer

Self-Spreading GlassWorm Malware Hits OpenVSX, VS Code Registries

A new supply-chain attack targets developers on the OpenVSX and Microsoft Visual Studio marketplaces using self-spreading malware called GlassWorm, which has been installed an estimated 35,800 times. It hides malicious code with invisible characters and spreads via stolen accounts. The malware’s operators use the Solana blockchain for C2, with Google Calendar as a backup.

Source: BleepingComputer

To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER

Google Threat Intelligence Group (GTIG) reports that COLDRIVER, a Russian state-sponsored group, has deployed new malware families following the public exposure of its LOSTKEYS malware in May 2025. The new malware shows a rapid increase in development and aggressive deployment, replacing LOSTKEYS entirely in recent operations.

Source: Google Cloud

Five New Exploited Bugs Land in CISA’s Catalog — Oracle and Microsoft Among Targets

CISA added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including two actively exploited Oracle E-Business Suite flaws (CVE-2025-61884 and CVE-2025-61882). The vulnerabilities allow unauthenticated remote code execution and unauthorized data access. Oracle and Microsoft systems are among those impacted.

Source: TheHackerNews

Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities

Vidar Stealer v2.0 has been released, transitioning from C++ to C for improved speed and efficiency. The new version adds anti-analysis features, multithreaded data theft, and advanced credential extraction methods. It maintains a $300 lifetime price and continues to compete with other major infostealers like Lumma and StealC.

Source: TrendMicro
