RECON

FortiGuard Labs analyzes EncystPHP, a stealthy web shell exploiting CVE-2025-64328 in FreePBX environments to enable remote command execution, persistence, and long-term system compromise

Apply for the EMEA Youth & Wellbeing Grant, a €500,000 program funding NGOs and researchers advancing youth safety and wellbeing in the age of AI.

At Intigriti, we host monthly web-based Capture The Flag (CTF) challenges as a way to engage with the security researcher community. January's challenge presented participants with CRYPTIGRITI, a cryptocurrency trading platform where users could buy and trade Bitcoin (BTC), Monero (XMR), and a custom digital currency, 1337COIN. This article provides a step-by-step walkthrough for solving January's CTF challenge while demonstrating techniques for exploiting insecure postMessage implementations...

OpenAI launches the EU Economic Blueprint 2.0 with new data, partnerships, and initiatives to accelerate AI adoption, skills, and growth across Europe.

Learn how OpenAI protects user data when AI agents open links, preventing URL-based data exfiltration and prompt injection with built-in safeguards.

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation

Key findings  TA584 is one of the most prominent cybercriminal threat actors tracked by Proofpoint threat researchers.  In 2025, the actor demonstrated multiple attack chain changes including expanded global targeting; ClickFix social engineering; and delivering new malware, Tsundere Bot.   TA584’s activity is unique in the cybercrime landscape and shows how static detections alone are not reliable for constantly innovating threat actors.   Overview  Proofpoint tracks multiple sophisticated c...