Elles De Yeager
-
Fake FFmpeg Update Infects Mac Users with Backdoor
A new backdoor campaign is targeting Mac users, tricking them into installing malicious software disguised as an FFmpeg update. This attack begins with fake job offers on LinkedIn, luring victims to a specialized website for a “job assessment.” The site then prompts a fake FFmpeg “update,” instructing victims to run a `curl` command that installs…
-
The European Union Votes to Deepen Defense Industry Ties with Ukraine
European Union lawmakers have voted to deepen the integration of the bloc’s defense industry with Ukraine, approving a 1.5-billion euro program. This strategic move aims to foster a more resilient and sovereign Europe by collaborating with Ukraine to build a cutting-edge military-industrial complex, deemed crucial for protecting democracies autonomously.
-
Air Force practices operating from cut-off bases in fierce future war
The U.S. Air Force is actively preparing for potential conflicts, focusing on the ability of its units to operate independently from remote locations, even if communications are disrupted or supplies are cut off. This initiative is vital for future high-end warfare.
-
U.S. Navy conducts joint mission with Guyana near Essequibo
The USS Winston S. Churchill, a U.S. Navy destroyer, recently completed a joint mission with Guyana’s GDFS Shahous in the Caribbean Sea. This operation, which occurred on November 22, signals expanded maritime cooperation and supports U.S. Southern Command’s counter-drug operations and broader Department of War tasking, especially amid recent regional instability concerning the Essequibo region.
-
Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
Grafana has issued urgent security updates for a critical vulnerability in its SCIM provisioning feature, carrying a maximum CVSS score of 10.0. This flaw (CVE-2025-41115) could allow attackers to escalate privileges or impersonate users, especially in Grafana versions 12.x where SCIM provisioning is active, leading to a newly provisioned user being treated as an existing…
-
Google: Data of two hundred Salesforce customers stolen via Gainsight apps
A major cyberattack has resulted in the theft of data from over 200 Salesforce customers, stemming from compromised Gainsight applications. The group claiming responsibility is known as “Scattered Lapsus$ Hunters,” also identified as UNC6040 by Google’s Mandiant team.
-
AI-Based Obfuscated Malware Evades AV Detection
Malicious Android applications use AI-powered obfuscation to bypass antivirus detection. These apps mimic delivery services, steal user data, and employ sophisticated evasion techniques. Security analysts identified advanced obfuscation, making reverse engineering difficult.
-
ShadowRay 2.0: Ray AI Flaw Exploited for Cryptomining
ShadowRay 2.0 exploits a Ray AI flaw, creating a self-spreading GPU cryptomining botnet. Attackers use unpatched vulnerabilities, GitLab, and GitHub to spread malware and hijack computing power.
-
German Firms Pioneer Mobile 3D Printing for Field Use
German firms NextFab and KMW develop a mobile 3D printing system for rapid deployment, revolutionizing military logistics and disaster response with on-site manufacturing of critical components.
-
Ukraine Mass Produces Octopus Drone Interceptors
Ukraine begins mass production of Octopus drone interceptors to counter Iranian-made Shahed drones, enhancing aerial defense and safeguarding infrastructure.