CVE-2025-26633
CVSS Score
V3.1
EPSS Score
v2025.03.14
There is a 4.8% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
No description available
Available Exploits
Related News
EncryptHub actor exploits Windows flaw CVE-2025-26633 (“MSC EvilTwin”) with rogue MSC files and social engineering to drop malware. The threat actor EncryptHub exploits the now-patched Windows flaw CVE-2025-26633 (“MSC EvilTwin”) using rogue MSC files and soc…
The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking …
Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework (CVE-2025-26633) to execute malicious code …
A zero-day vulnerability tracked as CVE-2025-26633 is being actively exploited in the wild by a sophisticated Russian-linked threat … The post "CVE-2025-26633: Water Gamayun Exploits Windows MMC in Active Zero-Day Campaign" appeared first on Cybersecurity News.
Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.
Affected Products
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Product
Ransomware Risk
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: March 11, 2025, Modified: April 16, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
🔥 Top 10 Trending CVEs (18/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-8091](https://nvd.nist.gov/vuln/detail/CVE-2025-8091)** - 📝 The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to …
EncryptHub Strikes Again A dangerous Russian hacking group is exploiting a patched Windows flaw (MSC EvilTwin, CVE-2025-26633) using fake Teams requests and rogue MSC files to deliver Fickle Stealer malware. Tactics include PowerShell commands, abusing Brave Support, and encrypted C2 traffic for stealth.
🚨 Breaking Cyber Intelligence: EncryptHub Hits with MSC EvilTwin Exploit 🚨 **Who:** Russian-linked EncryptHub (aka LARVA-208 / Water Gamayun) **What:** Exploiting Windows MMC flaw **CVE-2025-26633** (“MSC EvilTwin”) to deploy **Fickle Stealer**, an advanced PowerShell-based info stealer. [Cyber Security News](https://cybersecuritynews.com/microsoft-teams-request-remote-access/?utm_source=chatgpt.com) **How they attack:** 1. Initiate contact via …
🔥 Top 10 Trending CVEs (17/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-26633](https://nvd.nist.gov/vuln/detail/CVE-2025-26633)** - 📝 Microsoft Management Console Security Feature Bypass Vulnerability - 📅 **Published:** 11/03/2025 - 📈 **CVSS:** 7 - 🧭 **Vector:** CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C - 📣 **Mentions:** 61 - ⚠️ **Priority:** 2 - …
Hackers Exploit Microsoft Teams to Gain Remote Access **A new social engineering campaign leverages Microsoft Teams requests to compromise corporate networks by mimicking IT support teams.** **Key Points:** - Attackers impersonate IT staff using Microsoft Teams to gain remote access. - Exploitation of the MSC EvilTwin vulnerability allows malware delivery. …
Russian Hacking Group EncryptHub Exploits Microsoft Flaw to Distribute Fickle Stealer Malware **A Russian hacking group is exploiting a patched Microsoft vulnerability to deploy advanced malware through social engineering tactics.** **Key Points:** - EncryptHub combines social engineering and technical exploits to infect targets. - The group utilizes a Microsoft Management …
Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads. Trustwave SpiderLabs said it recently observed an EncryptHub campaign that brings... **CVEs:** CVE-2025-26633 **Source:** https://thehackernews.com/2025/08/russian-group-encrypthub-exploits-msc.html
🔥 KELA Midyear Report: 2025’s Top Cyber Threats So Far Some major findings from [TechNadu’s breakdown](https://www.technadu.com/top-threats-in-2025-cl0p-ransomware-lumma-stealer-and-several-flaw-exploits/605507/) of KELA’s midyear threat report: **💥 Ransomware** * Cl0p leads with 408 victims * Akira up 202% YoY * Qilin breached Lee Enterprises * RansomHub linked to Medusa & BianLian via EDRKillShifter **🦠 Infostealers** …