CVE-2025-0108 is a high-severity authentication bypass vulnerability affecting Palo Alto’s PAN-OS, the operating system for their next-generation firewalls. This flaw allows an unauthenticated attacker with network access to the PAN-OS management web interface to bypass authentication controls and execute restricted PHP scripts.

The origin of the word “Rhadamanthys”, goes back to Greek mythology where he was a legendary figure who ruled as king of Crete. Born to Zeus and Europa, he held the status of demigod and was renowned for his wisdom. Rhadamanthys Stealer is a sophisticated information stealer written in C++ that employs multiple evasion techniques. The malware utilizes a custom packer for code obfuscation and incorporates anti-VM and anti-debugging mechanisms to prevent analysis.

A new campaign distributing the notorious Lumma Stealer malware has been discovered by security analyst Crep1x at Sekoia. Threat actors are utilizing over 80 second-level domains to generate over 1,000 fully qualified domain names impersonating Reddit and WeTransfer. Websites impersonating Reddit feature a fake thread designed to deceive victims into downloading the malware.