Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway.
From hidden software bugs to massive DDoS attacks and new ransomware tricks, this week’s roundup gives you the biggest security moves to know. Whether you’re protecting key systems or locking down cloud apps, these are the updates you need before making your next security decision.
Take a quick look to start your week informed and one step ahead.
⚡ Threat of the Week
Cisco 0-Day Flaws Under Attack — Cybersecurity agencies warned that threat actors have exploited two security flaws affecting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. The RayInitiator and LINE VIPER malware represent a significant evolution over the malware used in the previous campaign, both in sophistication and in the ability to evade detection. The activity involves the exploitation of CVE-2025-20362 (CVSS score: 6.5) and CVE-2025-20333 (CVSS score: 9.9) to bypass authentication and execute malicious code on susceptible appliances. The campaign is assessed to be linked to a threat cluster dubbed ArcaneDoor, which was attributed to a suspected China-linked hacking group known as UAT4356 (aka Storm-1849).
🔔 Top News
- Nimbus Manticore Uses MiniJunk in Critical Infra Attacks — An Iran-linked cyber-espionage group has expanded its operations beyond its traditional Middle Eastern hunting grounds to target critical infrastructure organizations across Western Europe using constantly improving malware variants and attack tactics. Nimbus Manticore, which overlaps with UNC1549 or Smoke Sandstorm, has been observed targeting defense manufacturing, telecommunications, and aviation companies in Denmark, Portugal, and Sweden. Central to the campaign are MiniJunk, an obfuscated backdoor that gives the attacker persistent access to infected systems, and MiniBrowse, a lightweight stealer with separate versions for stealing credentials from Chrome and Edge browsers. MiniJunk is an updated version of MINIBIKE (aka SlugResin), with the emails directing victims to fake job-related login pages that appear to be associated with companies like Airbus, Boeing, Flydubai, and Rheinmetall. In a further escalation of its tactics, Nimbus Manticore has been observed using the service SSL.com starting around May 2025 to sign their code and pass off malware as legitimate software programs, leading to a “drastic decrease in detections.”
- ShadowV2 Targets Docker for DDoS Attacks — A novel ShadowV2 bot campaign is turning distributed denial-of-service (DDoS) attacks into a full-blown for-hire business by targeting misconfigured Docker containers on AWS. Instead of relying on prebuilt malicious images, the attackers build containers on the victim’s machine itself to launch a Go-based RAT that can launch DDoS attacks. The exact…
