Output Messenger zero-day leveraged in ongoing cyberespionage campaign

DedicatedICS
Yanac

Trkiye-affiliated threat operation Marbled Dust has exploited a newly discovered directory traversal vulnerability in the multi-platform enterprise chat app Output Messenger, tracked as CVE-2025-27920, in attacks against Kurdish military-linked users in Iraq as part of a cyberespionage campaign that has been underway since April 2024, The Cyber Express reports.SCM feed for Endpoint/Device SecurityRead More