Identifying the malware During a routine malware scan, we noticed a plugin labeled wp-runtime-cache in the wp-content/plugins directory. Seems innocent enough, right? After all, just about every s...
Cryptocurrency exchange Coinbase has stated that an internal data breach affecting nearly 70,000 users involved bribed contractors from India. The initial report from Coinbase said the data breach...
Key findings Our examination of overarching trends revealed: An increase in malware incorporating hidden virtual network computing (HVNC), keylogging, and remote control functionalities. A g...
Over the past year, India witnessed a steep rise in cyberattacks. While news focused on big-ticket data breaches and mainstream ransomware attacks, it ignored how the overall threat landscape has b...
Your workforce is your greatest asset, and your vendors are integral to the success of the enterprise. It’s no surprise, then, that cybercriminals are targeting both, exploiting the trust in these ...
Up to a quarter of all cloud users are at risk of having their computing resources stolen and used to illicitly mine for cryptocurrency, after crims cooked up a campaign that targets publicly acces...
This report details a malicious campaign that uses deceptive websites, including spoofed Gitcodes and fake Docusign verification pages, to trick users into running malicious PowerShell scripts on t...
In March 2025, the Mobile Threat Intelligence team discovered Crocodilus, a new device-takeover Android banking Trojan entering the threat landscape. The first observed samples were mostly related ...
Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com. According to Malwarebytes ...
EXECUTIVE SUMMARY In May 2025, a set of critical zero-day vulnerabilities was disclosed in Versa Concerto, a popular SD-WAN and SASE solution used across enterprises for secure cloud and network o...
Community bank MainStreet Bancshares says thieves stole data belonging to some of its customers during an attack on a third-party provider. Showing how vendors along the supply chain are often the...
Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted a...
Two local information-disclosure vulnerabilities have been identified in popular Linux crash-reporting tools, allowing attackers to access sensitive system data. The vulnerabilities, uncovered by ...
Socket’s Threat Research Team has uncovered an ongoing supply chain attack targeting the RubyGems ecosystem. A threat actor using the aliases Bùi nam, buidanhnam, and si_mobile published two malici...
Source: Splunk Advisory ID: SVD-2025-0602 CVE ID: CVE-2025-20298 Description: In Universal Forwarder for Windows versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, a new installation of or an upgrade ...
OpenSSH has become a standard tool for secure remote management on both Linux and Windows systems. Since its inclusion as a default component in Windows 10 version 1803, attackers have increasingl...
New research from Checkmarx Zero has unveiled a unique malicious software campaign that targets Python and NPM users on both Windows and Linux systems. Security researcher Ariel Harush at Checkmar...
Established in 2016, the TrickBot group is believed to have infected millions of computers worldwide, exfiltrating sensitive information such as credentials, banking and credit card details, and pe...
An infostealer strain known as ‘Acreed’ could become the new market leader in credential theft malware, according to ReliaQuest. The cybersecurity company’s threat research team investigated the R...
Mommy, also known as “Miyako” or “Miya,” is an emerging and sophisticated cyber threat actor that has gained attention since 2024 due to their advanced cyber-espionage capabilities and active invol...