A new strain of infostealer blending standard malware techniques with unusually advanced features has been detected. First flagged by a Reddit user in April 2025, the malware, known as Chihuahua Stealer, was analyzed by G Data CyberDefense, which shared its findings in a May 13 report. While appearing unsophisticated on the surface, this .NET infostealer employs advanced methods, including stealthy loading, scheduled task persistence and a multi-staged payload. Multi-Stage PowerShell Script Infection On April 9,…

INE Security, a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essential for transforming security teams from reactive to proactive defenders. With over 26,000 new CVEs documented in the past year, security teams are drowning in vulnerability alerts while facing exploit windows that have compressed to hours in many cases. “Reading CVE bulletins is not the same as knowing how…

Law enforcement agencies in five regions have joined forces to take down an organized crime group responsible for defrauding scores of victims, according to Europol. The European police group claimed that at least 100 victims have been defrauded to the tune of over €3m ($3.4m), by a criminal network offering them high returns on fake investment opportunities. The operation began nearly three years ago in Germany, when a married couple reportedly notified local police that…

When people hear “supply chain attack,” their minds often go to headline-grabbing breaches. But while analysts, CISOs, and journalists dissect those incidents, a more tactical and persistent wave of attacks has been unfolding in parallel; one that’s laser-focused on small businesses as the point of entry. This isn’t collateral damage. It’s by design. Cybercriminals aren’t always trying to figuratively kick down the front doors of well-defended enterprises. Instead, they’re probing the digital perimeter for softer…

Microsoft has released security updates to fix seven zero-day vulnerabilities, five of which are under active exploitation. This month’s Patch Tuesday saw the tech giant release fixes for over 70 vulnerabilities, including five actively exploited zero-days, which are: CVE-2025-32701: An elevation of privilege (EoP) vulnerability in Windows Common Log File System Driver  CVE-2025-32709: An EoP bug in Windows Ancillary Function Driver for WinSock  CVE-2025-30397: A remote code execution (RCE) vulnerability in Microsoft Scripting Engine CVE-2025-32706:…