A critical vulnerability (CVE-2025-26849) in Docusnap allows attackers to decrypt sensitive system data due to a static encryption key used for inventory files. This flaw grants domain users read access to files, facilitating data extraction. Despite attempts to patch the issue, researchers found hardcoded keys still present in newer versions. Users should audit permissions and apply necessary patches.
New BlueNoroff Campaign Uses Fileless PowerShell and AI-Generated Zoom Lures
A dangerous new cyber campaign from North Korea’s Lazarus Group is targeting cryptocurrency and Web3 professionals using fake Zoom meeting interfaces, fileless PowerShell scripts, and
