Real-time threat intelligence from trusted sources
The report highlights the evolving landscape of IT threats in Q3 2025, focusing on malware targeting Windows and macOS personal computers, as well as IoT devices. This indicates a growing severity of cyber threats that could have significant implications for users and organizations relying on these systems.
The Hacker News
The threat actor PlushDaemon has deployed a new Go-based network backdoor called EdgeStepper, which enables adversary-in-the-middle attacks by hijacking DNS queries. This redirection leads to the potential compromise of legitimate software updates, posing a significant risk to affected systems.
Malicious actors can exploit vulnerabilities in ServiceNow's Now Assist AI platform through second-order prompt injection attacks, allowing unauthorized actions and potential data exfiltration. This issue highlights significant security risks associated with default configurations in generative AI systems.
The Hacker News
CVE-2025-58034Fortinet has issued a warning regarding a medium-severity vulnerability in FortiWeb, tracked as CVE-2025-58034, which has been actively exploited in the wild. The flaw, categorized as an OS Command Injection vulnerability, could allow authenticated attackers to execute arbitrary commands on affected systems.