Golden dMSA Attack Targets Windows Server 2025: Persistent Cross-Domain Threat

 

Golden dMSA: Critical Windows Server 2025 Flaw Enables Cross-Domain Persistence & Enterprise-Wide Exploits

A newly uncovered vulnerability in Windows Server 2025 is raising alarm across the cybersecurity community. Dubbed Golden dMSA, the flaw allows attackers to generate valid passwords for all Delegated Managed Service Accounts (dMSAs) and Group Managed Service Accounts (gMSAs)—opening the door to persistent, cross-domain access across an entire Active Directory (AD) forest.

Critical Bug in ‘mcp-remote’ Allows Remote Code Execution

 

                 

Critical mcp-remote Vulnerability (CVE-2025-6514) Enables Remote Code Execution on Client Systems

Cybersecurity researchers have disclosed a critical remote code execution (RCE) vulnerability in the popular open-source project mcp-remote, tracked as CVE-2025-6514 with a CVSS score of 9.6. This vulnerability allows attackers to execute arbitrary operating system commands when a vulnerable MCP client connects to a malicious or untrusted remote MCP server.

Critical Flaws in Ivanti Endpoint Manager Mobile Let Attackers Decrypt User Credentials

 

Ivanti Patches High-Severity Vulnerabilities in Endpoint Manager Mobile – Password Decryption & SQL Injection Risks Identified

Ivanti has released critical security updates for its Endpoint Manager Mobile (EPMM) software, addressing three high-severity vulnerabilities that could allow attackers to decrypt user passwords or extract sensitive data from backend databases.

Google Play Under Siege: Fake PDF App Infected 90K Users with Anatsa Trojan

 

Anatsa Banking Trojan Hits 90,000 Android Users Through Fake PDF App on Google Play

A recent wave of cyberattacks has exposed tens of thousands of Android users in North America to a powerful banking trojan, Anatsa, delivered through a deceptive app posing as a PDF reader on the official Google Play Store.

Iranian Cyber Threats Intensify Against U.S. Defense and OT Networks, Warn Federal Agencies

U.S. Agencies Warn of Escalating Iranian Cyber Threats to Defense and Critical Infrastructure

Multiple U.S. cybersecurity and intelligence agencies have issued a joint advisory cautioning organizations about an uptick in malicious cyber activity tied to Iranian state-sponsored and affiliated actors.

FBI Alert: Scattered Spider's Evolving Cyber Tactics on Airlines

 

Scattered Spider Takes Flight: How Social Engineering Threatens the Skies

The FBI has issued a stark warning to the aviation sector: Scattered Spider, one of today's most dangerous cybercriminal groups, is escalating its attacks against airlines. Their weapon of choice? Not malware. Not zero-days. People.

Bank Sepah Cyberattack: Data Destruction Claims by Israeli Hackers

 

Predatory Sparrow Strikes Again: Suspected Israeli-Linked Hackers Claim Cyberattack on Iran’s Bank Sepah

A shadowy anti-Iranian hacking group, believed to have ties to Israel, has claimed responsibility for a destructive cyberattack targeting Iran’s state-owned Bank Sepah. The group, known as Gonjeshke Darande or “Predatory Sparrow,” alleged via social media on Tuesday that it had successfully infiltrated and destroyed critical data within the bank’s systems.