For a detailed threat digest, download the PDF file here

HiveForce Labs has identified a surge in cyber threats over the past week alone, with five attacks executed and nine vulnerabilities uncovered, highlighting the relentless nature of cyberattacks.
Spotlighting a wave of high-impact vulnerabilities and sophisticated attack campaigns. At the forefront is Google Chrome’s zero-day flaw in the V8 engine (CVE-2025-5419), already under active exploitation. Alongside it, Roundcube Webmail’s CVE-2025-49113 exposes servers to remote code execution by authenticated users due to inadequate input validation, placing millions of outdated systems at immediate risk. Meanwhile, a critical flaw in Cisco ISE cloud deployments (CVE-2025-20286) threatens AWS, Azure, and OCI environments, where shared static credentials across instances allow unauthenticated attackers to gain full access and disrupt operations. The availability of public proof-of-concept exploits raises the stakes for defenders.
On the malware front, the emergence of Lyrix ransomware and Chaos RAT adds further pressure. Lyrix targets Windows systems with advanced evasion tactics, encrypting data, dismantling recovery options, and exfiltrating sensitive files, leaving victims with few alternatives other than paying the ransom. Simultaneously, Chaos RAT, a Go-based remote access tool, has been repurposed into cross-platform malware spreading through phishing emails to take control of both Windows and Linux environments. Amplifying the threat landscape is the Phantom Enigma campaign, a highly targeted phishing operation that began in Brazil and has spread internationally. Together, these threats reinforce a clear message that organizations must act swiftly to patch vulnerabilities, enhance threat detection, and invest in long-term cyber resilience to withstand the evolving tactics of today’s threat actors.
Click here to Subscribe to receive our weekly threat digests and alerts directly in your inbox.