Microsoft Issues Unannounced Patch for Zero-Day LNK Vulnerability Used in Real-World Attacks

Microsoft quietly patched CVE-2025-9491, a Windows LNK flaw abused by state actors since 2017 for malware attacks ...
Business Times

Microsoft Quietly Fixes Windows LNK Zero-Day After Years of Global Exploitation by State Hackers

Microsoft quietly issued a fix for a long-exploited Windows zero-day vulnerability in its November security updates, closing ...
SecurityWeek

US Organizations Warned of Chinese Malware Used for Long-Term Persistence

The China-linked Warp Panda APT has deployed the BrickStorm malware on VMware servers at US legal, manufacturing, and ...

Chinese hackers reportedly targeting government entities using 'Brickstorm' malware

Hackers with links to China reportedly successfully infiltrated a number of unnamed government and tech entities using ...

Chinese hackers used Brickworm malware to breach critical US infrastructure

CISA and friends are sounding the alarm, once again, for Chinese state-sponsored hackers ...

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...

CrowdStrike Identifies New China-Nexus Espionage Actor

CrowdStrike’s investigation shows that WARP PANDA initially infiltrated some victim networks as early as late 2023, later ...
Gadget Review on MSN

Your trusted browser extensions just became Chinese spyware

Chinese hackers turned 4.3 million trusted browser extensions into spyware, capturing every click and search through routine ...
SecurityWeek

In Other News: X Fined €120 Million, Array Flaw Exploited, New Iranian Backdoor

X has been fined €120 Million by the EU, an Array gateway flaw has been exploited, and ESET has discovered a new Iranian backdoor.