New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

August 12, 2025

A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks.
“They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network,”

Source: Read More

Previous ArticleUS reveals it seized $1 million worth of Bitcoin from Russian BlackSuit ransomware gang

Next Article The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions

Highlights

CVE-2025-4019 – Apache Novel-Plus Missing Authentication Vulnerability

April 28, 2025

CVE ID : CVE-2025-4019

Published : April 28, 2025, 12:15 p.m. | 2 hours, 50 minutes ago

Description : A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

I’ve tested every Samsung Galaxy phone in 2025 – here’s the model I’d recommend on sale

Google Photos just put all its best editing tools a tap away – here’s the shortcut

Claude can teach you how to code now, and more – how to try it

One of the best work laptops I’ve tested has MacBook written all over it (but it’s even better)

Controlling Execution Flow with Laravel’s Sleep Helper

Controlling Execution Flow with Laravel’s Sleep Helper

Generate Secure Temporary Share Links for Files in Laravel

This Week in Laravel: Filament 4, Laravel Boost, and Junie Review

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

FOSS Weekly #25.33: Debian 13 Released, Torvalds vs RISC-V, Arch’s New Tool, GNOME Perfection and More Linux Stuff

Ultimate ChatGPT-5 Prompt Guide: 52 Ideas for Any Task

New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

Controlling Execution Flow with Laravel’s Sleep Helper

Generate Secure Temporary Share Links for Files in Laravel

CVE-2025-5014 – The Home Villas | Real Estate WordPress Theme File Deletion Vulnerability (Arbitrary File Deletion)

CVE-2025-4373 – GLib Integer Overflow Buffer Underwrite

Your Apple MacBook is getting a free upgrade – here are the best MacOS 26 features

The Battlefield 6 PC system requirements are here in time for Open Beta, and they’re kind, too — here are the specs you’ll need to run the explosive FPS

CVE-2025-4019 – Apache Novel-Plus Missing Authentication Vulnerability

CVE-2025-47951 – Weblate Second Factor OTP Guessing Vulnerability

IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) 2025

Microsoft Overhauls Windows 11’s Task Manager With Sleek New Look and Live Statistics

New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

Related Posts