New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

June 18, 2025

A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails.
The ongoing campaign has been codenamed SERPENTINE#CLOUD by Securonix.
It leverages “the Cloudflare Tunnel infrastructure and Python-based loaders to deliver memory-injected payloads through a chain of shortcut files and obfuscated

Source: Read More

Previous ArticleRansomware gang busted in Thailand hotel raid

Next Article 1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub

Highlights

CVE-2025-6651 – PDF-XChange Editor JP2 File Parsing Remote Code Execution Vulnerability

June 25, 2025

CVE ID : CVE-2025-6651

Published : June 25, 2025, 10:15 p.m. | 4 hours, 6 minutes ago

Description : PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26713.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: An Echo In Here in here

How To Minimize The Environmental Impact Of Your Website

Progress adds AI coding assistance to Telerik and Kendo UI libraries

Wasm 3.0 standard is now officially complete

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

Distribution Release: Tails 7.0

Distribution Release: Security Onion 2.4.180

GenStudio for Performance Marketing: What’s New and What We’ve Learned

GenStudio for Performance Marketing: What’s New and What We’ve Learned

Agentic and Generative Commerce Can Elevate CX in B2B

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

Denmark’s Strategic Leap Replacing Microsoft Office 365 with LibreOffice for Digital Independence

Denmark’s Strategic Leap Replacing Microsoft Office 365 with LibreOffice for Digital Independence

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

GenStudio for Performance Marketing: What’s New and What We’ve Learned

Agentic and Generative Commerce Can Elevate CX in B2B

Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users

CodeSOD: The Wrong Kind of Character

Text-to-speech with feeling – this new AI model does everything but shed a tear

Use Amazon SageMaker Unified Studio to build complex AI workflows using Amazon Bedrock Flows

CVE-2025-6651 – PDF-XChange Editor JP2 File Parsing Remote Code Execution Vulnerability

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

CVE-2025-6297 – “Ubuntu dpkg-deb Directory Permission Sanitization Vulnerability”

How to buy a laptop for school, work, or gaming (and our top picks for each)

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

Related Posts