A new Android malware called Crocodilus is causing concern due to its ability to steal cryptocurrency wallet credentials through social engineering tactics. Distributed through a proprietary dropper that evades Google’s security protections, the malware uses a forged overlay screen to trick users into giving their seed phrase, which allows hackers total control of the victim’s wallet. Security measures such as never sharing your wallet seed phrase, avoiding sideloading apps, and regularly updating your Android OS can help protect against this type of threat.
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and
