A critical vulnerability (CVE-2025-26849) in Docusnap allows attackers to decrypt sensitive system data due to a static encryption key used for inventory files. This flaw grants domain users read access to files, facilitating data extraction. Despite attempts to patch the issue, researchers found hardcoded keys still present in newer versions. Users should audit permissions and apply necessary patches.
Suspected Iran-backed hackers target UAE with newly discovered ‘Sosano’ malware
A hacker group, known as UNK_CraftyCamel, has targeted organizations in the UAE, potentially linked to Iran’s Islamic Revolutionary Guard Corps. The hackers used an email
