The cyber threat actor APT-C-60 used a job application distraction to target a Japanese business with a malware campaign, according to JPCERT/CC. An email appearing to be from a prospective employee contained malware which leveraged Google Drive, Bitbucket, and StatCounter. The South Korean group is known for its attacks in East Asia. They were also observed exploiting a vulnerability in WPS Office to execute a custom backdoor attack.
Lessons From Mongobleed Vulnerability (CVE-2025-14847) That Actively Exploited In The Wild
The cybersecurity community was alarmed in late December 2025 when MongoDB announced a serious vulnerability called “Mongobleed” (CVE-2025-14847). This high-severity flaw allows unauthenticated attackers to
