New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code

August 19, 2025

Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT.
The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today.
The

Source: Read More

Previous ArticleSpeed cameras knocked out after cyber attack

Next Article Black Hat USA 2025 CISO Series Episode 1: What CISOs Must Know About AI Security & Governance

Highlights

CVE-2025-54140 – pyLoad Path Traversal Remote Code Execution Vulnerability

July 22, 2025

CVE ID : CVE-2025-54140

Published : July 22, 2025, 10:15 p.m. | 2 hours, 20 minutes ago

Description : pyLoad is a free and open-source Download Manager written in pure Python. In version 0.5.0b3.dev89, an authenticated path traversal vulnerability exists in the /json/upload endpoint of pyLoad. By manipulating the filename of an uploaded file, an attacker can traverse out of the intended upload directory, allowing them to write arbitrary files to any location on the system accessible to the pyLoad process. This may lead to: Remote Code Execution (RCE), local privilege escalation, system-wide compromise, persistence, and backdoors. This is fixed in version 0.5.0b3.dev90.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

This new Coros watch has 3 weeks of battery life and tracks way more – even fly fishing

5 ways automation can speed up your daily workflow – and implementation is easy

This new C-suite role is more important than ever in the AI era – here’s why

iPhone users may finally be able to send encrypted texts to Android friends with iOS 26

Creating Dynamic Real-Time Features with Laravel Broadcasting

Creating Dynamic Real-Time Features with Laravel Broadcasting

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

How to Fix “EA AntiCheat Has Detected an Incompatible Driver” on Windows 11?

New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code

Creating Dynamic Real-Time Features with Laravel Broadcasting

Repurposing Protein Folding Models for Generation with Latent Diffusion

DistroWatch Weekly, Issue 1127

CVE-2025-5339 – Adobe Ads Pro Plugin SQL Injection Vulnerability

CVE-2025-20260 – ClamAV PDF Buffer Overflow Vulnerability

CVE-2025-7488 – JoeyBling SpringBoot_MyBatisPlus Remote File Path Traversal Vulnerability

CVE-2025-54140 – pyLoad Path Traversal Remote Code Execution Vulnerability

CVE-2025-21470 – Apache Image Toolkit Buffer Overflow

Looking for an AI-powered website builder? Here’s your best option in 2025

CVE-2025-46109 – pbootCMS SQL Injection

New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code

Related Posts