GOLD BLADE Remote DLL Sideloading Attack Deploys RedLoader
Attacks surged in July 2025 after the threat group updated its process to combine malicious LNK files and a recycled WebDAV technique
Similar Posts
Treasury agrees to block additional DOGE staff from accessing sensitive payment systems
Bys sSuzanne Smalley reports: The Treasury Department has agreed to temporarily block all but two members of the Trump administration’s Department of Government Efficiency (DOGE) team from accessing sensitive payment records and to limit their access to “read-only,” according to a Wednesday court filing. The DOGE workers allowed to continue accessing Treasury’s payment systems are Tom…
HPE Investigating Breach Claims After Hacker Offers to Sell Data
Bys sHPE is investigating claims by the hacker IntelBroker, who is offering to sell source code and other data allegedly stolen from the tech giant. The post HPE Investigating Breach Claims After Hacker Offers to Sell Data appeared first on SecurityWeek.
Large medical lab in South Africa suffers multiple data breaches
Bys sJan Vermeulen reports: Lancet Laboratories has suffered multiple data breaches and was fined R100,000 for failing to respond to the South African Information Regulator’s demands to address shortcomings in its systems. Information Regulator chairperson Pansy Tlakula recently revealed that Lancet paid the fine, which was issued after it failed to comply with an enforcement notice……
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
Bys sIt got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums go down and come back worse. Cheap hackers get better toys. AI starts breaking real systems. Great. Read the whole…
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
Bys sIt’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut “hacker stories” now looks more like a mirror of the systems we all use. This week’s…
Four months after learning of a vendor’s breach, Concord Orthopaedics notifies almost 68,000 patients
Bys sIn November 2024, Everest Team added Concord Orthopaedics (“COPA”) to its dark web leak site (DLS) with screenshots offered as proof of claims. At the time, Everest claimed to have acquired “medical records and personal data of all patients from 2018. More than 30,000 identity documents.” On March 25, 2025, COPA mailed notifications to those…