Security researchers recently uncovered a PowerShell script posted on Pastebin that was purpose-built to steal Telegram session data from both desktop and web clients. Masquerading as a benign “Windows Telemetry Update,” the script quietly collects host metadata, locates Telegram session stores, compresses them into an archive, and exfiltrates the file to an attacker-controlled Telegram bot. The discovery is notable less
Category: Cybersecurity
Zero-Day, APT, Exfiltration, Lateral-Movement, Privilege-Escalation, Botnet, Rootkit, Backdoor, Keylogger, Smishing, Vishing, Spear-Phishing, Social-Engineering, MITM, SQL-Injection, XSS, CSRF, Path-Traversal, Buffer-Overflow, Honeypot, CVE, CVSS, Red-Team, Blue-Team, Threat-Hunting, Malware-Analysis, MITRE-ATT&CK, Insider-Threat, Jailbreak, Shellcode, Exploit-Kit, LFI, RFI, Obfuscation, Payload, security advisory, vulnerability disclosure, CWE, OWASP, cybersecurity news, threat intelligence, SOC, SIEM, cryptotheft, evasion, CVE Security
CISA: Zimbra XSS (CVE-2025-48700) Now Exploited — 10,500+ Servers Vulnerable
Over 10,000 instances of the Zimbra Collaboration Suite are exposed online and remain vulnerable to an actively exploited cross-site scripting flaw, raising fresh alarms about email server security for governments and businesses alike. The vulnerability, tracked as CVE-2025-48700, is serious because it can be triggered without user interaction and has been confirmed as abused in the wild, prompting action from
Hackers Leverage Microsoft Teams to Breach Organizations: Inside UNC6692’s SNOW Campaign
In late 2025 and into early 2026, a sophisticated intrusion campaign used the everyday familiarity of Microsoft Teams to turn routine collaboration into a direct route for enterprise compromise. By posing as IT helpdesk staff and exploiting users’ trust in external Teams invitations, the threat group tracked as UNC6692 moved from a simple chat message to full domain-level access—without exploiting
OpenAI Debuts Shared Workspace Agents to Automate Team Handoffs
OpenAI has introduced a new class of ChatGPT tools called shared workspace agents — always-on assistants designed to carry work across systems and through multi-step processes without constant human prompting. Built on Codex, these agents aim to reduce the friction of manual handoffs inside teams by gathering information from connected systems, executing defined steps, and returning results in a way
109 Fake GitHub Repositories Used to Deliver SmartLoader and StealC Malware
A large-scale campaign recently uncovered shows how attackers abused the trust developers place in open-source hosting to distribute two dangerous malware families, SmartLoader and StealC. By cloning legitimate projects and burying malicious ZIP archives deep inside repository structures, the threat actor made harmful downloads look like routine releases. For many victims the repository looked authentic at a glance: real source
Microsoft Teams’ Efficiency Mode Arrives for Low‑End Devices
Microsoft is rolling out an Efficiency Mode for Microsoft Teams designed to help devices with limited CPU and memory run the app more smoothly. Announced in a Microsoft message center update, the feature will be enabled by default on eligible hardware and aims to improve responsiveness and meeting quality by dynamically adjusting how Teams uses system resources. What Efficiency Mode