DHS Targets Canadian Individual for Online Criticism of Immigration Actions Recent developments have surfaced regarding the Department of Homeland Security’s (DHS) efforts to track the location and online activities of a Canadian man who voiced criticism of the Trump administration after the controversial actions of federal immigration agents. This situation…
A gunman attempted to breach the White House Correspondents’ Dinner in Washington, DC, last weekend, where President Donald Trump, Vice President JD Vance, and various administration officials were present. Authorities quickly identified the suspect as 31-year-old Cole Tomas Allen, an engineer and computer scientist from California. He was apprehended at…
On Thursday, Apple announced a series of security updates to address three zero-day vulnerabilities that have been identified as actively exploited in the wild. The patches are part of updates for iOS, iPadOS, macOS, and watchOS, specifically targeting flaws within the FontParser component and kernel. These vulnerabilities could allow attackers…
In a recent update during its November 2020 Patch Tuesday, Microsoft disclosed fixes for 112 newly identified security vulnerabilities. This release notably includes a zero-day flaw that was actively exploited and brought to light by Google’s security team the previous week. The series of patches issued addresses a variety of…
In a proactive move to fortify user accounts against potential cyber threats, OpenAI has introduced a new feature called Advanced Account Security. Announced on Thursday, this enhancement aims to provide an additional layer of protection for users of ChatGPT and Codex, significantly complicating the likelihood of account takeover incidents. The…
Recent Security Breaches Underscore Growing Cyber Threats In an alarming series of recent cyber incidents, it has become evident that some of the most significant security breaches often unfold quietly, without immediate alert signals. These breaches usually involve subtle actions that may appear innocuous, highlighting a troubling trend in which…
Google Unveils Unpatched and Poorly Fixed Windows 0-Day Vulnerability
Dec 24, 2020
Google’s Project Zero team has disclosed details about a poorly addressed zero-day security flaw in the Windows print spooler API, potentially allowing malicious actors to execute arbitrary code. The flaw was made public after Microsoft failed to resolve it within 90 days of responsible disclosure on September 24. Initially identified as CVE-2020-0986, the vulnerability involves an elevation of privilege exploit in the GDI Print / Print Spooler API (“splwow64.exe”) reported to Microsoft by an anonymous user collaborating with Trend Micro’s Zero Day Initiative (ZDI) in late December 2019. With no patch provided for nearly six months, ZDI publicly issued a zero-day advisory on May 19, which led to exploitation in a campaign known as “Operation PowerFall” targeting an unnamed South Korean company. “splwow64.exe” is a core Windows system binary that facilitates 32-bit application compatibility.
Google Exposes Unpatched Windows Zero-Day Vulnerability On December 24, 2020, Google’s Project Zero disclosed details about a critical yet poorly patched zero-day vulnerability within the Windows print spooler API. This flaw opens the door for malicious actors to execute arbitrary code, creating significant risks for affected systems. The decision to…
Google Unveils Unpatched and Poorly Fixed Windows 0-Day Vulnerability
Dec 24, 2020
Google’s Project Zero team has disclosed details about a poorly addressed zero-day security flaw in the Windows print spooler API, potentially allowing malicious actors to execute arbitrary code. The flaw was made public after Microsoft failed to resolve it within 90 days of responsible disclosure on September 24. Initially identified as CVE-2020-0986, the vulnerability involves an elevation of privilege exploit in the GDI Print / Print Spooler API (“splwow64.exe”) reported to Microsoft by an anonymous user collaborating with Trend Micro’s Zero Day Initiative (ZDI) in late December 2019. With no patch provided for nearly six months, ZDI publicly issued a zero-day advisory on May 19, which led to exploitation in a campaign known as “Operation PowerFall” targeting an unnamed South Korean company. “splwow64.exe” is a core Windows system binary that facilitates 32-bit application compatibility.
On December 29, 2020, a bug in Google’s feedback tool was patched, which could have allowed attackers to access sensitive screenshots of Google Docs by embedding the documents on malicious websites. Discovered by security researcher Sreeram KL on July 9, this flaw earned him a reward of $3,133.70 through Google’s Vulnerability Reward Program. The feedback feature, designed to let users report issues while optionally including screenshots, is implemented across various Google services. Instead of replicating this feature, Google utilizes an iframe element that pulls content from “feedback.googleusercontent.com,” thereby posing a security risk.
Google Docs Vulnerability Exposed: Potential Risk for Private Documents Dec 29, 2020 A recently patched vulnerability in Google’s feedback mechanism poses the risk of exposing sensitive documents within Google Docs to potential attackers. The flaw allowed malicious actors to exploit the integration of the feedback feature across various Google services,…
On December 29, 2020, a bug in Google’s feedback tool was patched, which could have allowed attackers to access sensitive screenshots of Google Docs by embedding the documents on malicious websites. Discovered by security researcher Sreeram KL on July 9, this flaw earned him a reward of $3,133.70 through Google’s Vulnerability Reward Program. The feedback feature, designed to let users report issues while optionally including screenshots, is implemented across various Google services. Instead of replicating this feature, Google utilizes an iframe element that pulls content from “feedback.googleusercontent.com,” thereby posing a security risk.
Google Uncovers Three New Malware Families Linked to Russian COLDRIVER Hackers
October 21, 2025
Cyber Espionage / Threat Intelligence
Google’s Threat Intelligence Group (GTIG) has revealed that the hacking group COLDRIVER, associated with Russia, has introduced a new suite of malware, indicating an intensified operational pace. Since May 2025, the group has shown a knack for rapid development and refinement, unveiling these new malware families just five days after the release of their previously documented LOSTKEYS. While the exact duration of development for the new malware remains unclear, GTIG noted a complete absence of LOSTKEYS activities since its disclosure. The newly identified threats—codenamed NOROBOT, YESROBOT, and MAYBEROBOT—constitute a “collection of related malware families interconnected through a delivery chain,” according to GTIG researcher Wesley Shields in a Monday analysis. These recent attack strategies mark a significant shift from COLDRIVER’s standard operational patterns.
Google Uncovers Three New Malware Families Linked to COLDRIVER Hackers October 21, 2025 Cyber Espionage / Threat Intelligence In a recent revelation, Google’s Threat Intelligence Group (GTIG) has identified three new malware families attributed to the Russian hacking group COLDRIVER. This discovery, made public on October 21, highlights a concerted…
Google Uncovers Three New Malware Families Linked to Russian COLDRIVER Hackers
October 21, 2025
Cyber Espionage / Threat Intelligence
Google’s Threat Intelligence Group (GTIG) has revealed that the hacking group COLDRIVER, associated with Russia, has introduced a new suite of malware, indicating an intensified operational pace. Since May 2025, the group has shown a knack for rapid development and refinement, unveiling these new malware families just five days after the release of their previously documented LOSTKEYS. While the exact duration of development for the new malware remains unclear, GTIG noted a complete absence of LOSTKEYS activities since its disclosure. The newly identified threats—codenamed NOROBOT, YESROBOT, and MAYBEROBOT—constitute a “collection of related malware families interconnected through a delivery chain,” according to GTIG researcher Wesley Shields in a Monday analysis. These recent attack strategies mark a significant shift from COLDRIVER’s standard operational patterns.
