Cybercriminals are leveraging Google ads to install an infostealer malware (“Atomic”) on macOS and Linux devices via a fake Homebrew website. The malware, sold as a $1,000 per month subscription, steals credentials, browser data and cryptocurrency wallets. The hackers have designed a fake ad that redirects users to a malicious site, brewe.sh instead of the genuine Homebrew site, brew.sh. The Homebrew team has expressed frustration at Google’s lack of action against such scams.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and