GOLD BLADE Remote DLL Sideloading Attack Deploys RedLoader
Attacks surged in July 2025 after the threat group updated its process to combine malicious LNK files and a recycled WebDAV technique
In October 2023, Deer Oaks Behavioral Health in Texas disclosed a ransomware attack, discovered on September 1, 2023, that affected 171,871 patients. LockBit3.0 claimed responsibility at the time and leaked data from the incident. Today, HHS OCR announced a settlement with Deer Oaks following an expanded investigation that had been opened after an…
Joe Burns reports: Vulnerabilities have been discovered in Honeywell’s smart building middleware that could allow hackers to manipulate physical systems or disable security alarms, cybersecurity firm Nozomi Networks Labs said Wednesday. Researchers at the cybersecurity firm have discovered 13 vulnerabilities affecting the Niagara Framework, which was developed by Tridium, a Honeywell company. […] Tridium’s Niagara Framework…
Michelle Marchante provides today’s reminder of the insider threat: More than 2,000 patients at Jackson Health System had their personal data, including names, address and medical information, accessed in a lengthy breach that spanned nearly five years. The data breach was conducted by a Jackson employee who accessed the information to promote a personal healthcare…
A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday. The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote attackers to execute arbitrary code. It has been addressed in 7-Zip version 25.00 released in…
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users’ digital assets at risk. “These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox
Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. “In the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the…