Reza Rafati
-
China-Linked Hackers Exploit Legacy Flaws and IIS Servers in Global Espionage Surge
Chinese state-linked cyber actors are increasingly leveraging well-known vulnerabilities and exploiting server misconfigurations to establish enduring footholds within critical networks globally, according to recent reports from cybersecurity researchers.
·
·
2–3 minutes -
Bulgaria Seeks State Control Over Key Lukoil Refinery Amid U.S. Sanctions
Bulgaria’s parliament has enacted new legislation to place the nation’s largest oil refinery, Lukoil Neftochim Burgas, under state control, a direct response to recent U.S. sanctions targeting the Russian energy…
·
·
2–3 minutes -
Chinese State-Backed Hackers Weaponize Old Software Flaws for Global Espionage
Chinese state-backed hackers are exploiting old software vulnerabilities like Log4j and Microsoft IIS for global espionage, bypassing advanced defenses. This highlights the critical need for rigorous patch management against seemingly…
·
·
2–3 minutes -
Russia Enacts New Reservist Law Amid Ukraine War, Sparking ‘Hidden Mobilization’ Concerns
A new Russian law allowing reservist call-ups for ‘special training’ amid the Ukraine war has sparked concerns of a ‘hidden mobilization’ to bolster forces, though its impact remains debated.
·
·
1–2 minutes -
Samsung Patches High-Severity Flaw Allowing Remote Code Execution on Android Devices
Samsung has patched a high-severity flaw, CVE-2025-21042, in its Android devices, which could allow remote code execution without user interaction. Users are urged to apply the April 2025 Security Maintenance…
·
·
2–3 minutes -
Hidden “Logic Bombs” Found in Popular Software Packages, Threatening Future Industrial Sabotage and Data Corruption
Security researchers have uncovered a new wave of ‘logic bombs’ hidden within commonly used software, designed to disrupt critical industrial systems and corrupt databases, posing significant challenges for detection and…
·
·
2–3 minutes -
Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions
A previously unidentified threat cluster, codenamed UNK_SmudgedSerpent, has been linked to a series of cyberattacks targeting academics and foreign policy experts in the U.S. during June-August 2025.
·
·
1–2 minutes -
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Federal prosecutors in the United States have indicted three individuals, including cybersecurity professionals, for allegedly hacking into the networks of five U.S. companies using BlackCat (also known as ALPHV) ransomware…
·
·
1–2 minutes -
WordPress Sites Targeted by Critical Post SMTP Plugin Vulnerability
A critical vulnerability in the Post SMTP WordPress plugin (CVE-2025-11833) is actively being exploited, risking websites with over 400,000 active installations. Attackers can access email logs to intercept sensitive information,…
·
·
1–2 minutes -
U.S. Prosecutors Indict Three in BlackCat Ransomware Scheme
Federal prosecutors in the United States have indicted three individuals for allegedly operating as part of a BlackCat (ALPHV) ransomware operation, targeting five U.S. companies and extorting significant sums.
·
·
1–2 minutes
