Resources

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military.
Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in ICS calendar files,

Related resources

12 January 2026

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers’ OAuth credentials. […]

2 September 2025

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Anti-malware as part of a Bring Your Own Vulnerable […]

4 November 2025

A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

The nascent collective that combines three prominent cybercrime groups, Scattered Spider, LAPSUS$, and ShinyHunters, has created no less than 16 Telegram channels since August 8, 2025. “Since its debut, the […]

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Weekly Update 472

Resources

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Related resources

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

Links

Enterprise Solutions

SMB Solutions

Contact Us

Follow Us