CYBERSECURITY 194
- Scattered Lapsus$ Hunters Demand Google Fire Security Experts or Face Data Leak
- NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data
- GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
- RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second
- Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices
- New Report on Commercial Spyware Vendors Detailing Their Targets and Infection Chains
- New Phishing Attack Via OneDrive Attacking C-level Employees for Corporate Credentials
- Iran-Nexus Hackers Abuses Omani Mailbox to Target Global Governments
- Hidden Commands in Images Exploit AI Chatbots and Steal Data
- Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
- Microsoft Unveils Storm-0501’s Advanced Cloud Ransomware Attack Tactics
- Kea DHCP Server Vulnerability Let Remote Attacker Crash With a Single Crafted Packet
- International coalition calls out three Chinese companies over hacking campaign
- CISA Publish Hunting and Mitigation Guide to Defend Networks from Chinese State-Sponsored Actors
- New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices
- AI-Powered Ransomware Has Arrived With 'PromptLock'
- MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
- Hackers steal data from Salesforce instances in widespread campaign
- Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
- Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign
- Credential harvesting campaign targets ScreenConnect cloud administrators
- ClickFix Attack Tricks AI Summaries Into Pushing Malware
- Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
- Attackers Abuse Virtual Private Servers to Compromise SaaS Accounts
- APT36 hackers abuse Linux .desktop files to install malware in new attacks
- Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
- Oregon man charged with administering “Rapper Bot” DDoS-for-hire Botnet
- Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in
- From Campus to C2 Tracking a Persistent Chinese Operation Against Vietnamese Universities
- Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets
- Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware
- Man Jailed for 20 Months After Compromising Millions of Accounts
- Cybersecurity in Focus Recent Threats Targeting India Amid Independence Day Celebrations
- 'Blue Locker' Analysis Ransomware Targeting Oil & Gas Sector In Pakistan
- Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
- New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
- Update WinRAR tools now RomCom and others exploiting zero-day vulnerability
- Cybersecurity Firm Profero Cracks DarkBit Ransomware Encryption
- Unmasking SocGholish Silent Push Untangles the Malware Web Behind the “Pioneer of Fake Updates” and Its Operator, TA569
- Ukraine claims to have hacked secrets from Russia's newest nuclear submarine
- The Growing Threat of Mobile Infostealers
- Google suffers data breach in ongoing Salesforce data theft attacks
- SonicWall investigates possible zero-day amid Akira ransomware surge
- GenAI Used For Phishing Websites Impersonating Brazil’s Government
- From Bing Search to Ransomware Bumblebee and AdaptixC2 Deliver Akira
- ShadowSyndicate Infrastructure Used by Multiple Ransomware Groups Including Cl0p, LockBit and RansomHub
- LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code
- Fake Telegram Premium Site Distributes New Lumma Stealer Variant
- Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds
- Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN
- AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
- Unmasking Interlock Group's Evolving Malware Arsenal
- The Commented Kill Chain Why Old Ransomware Playbooks Never Die
- Ransomware in Q2 2025 AI Joins the Crew, Cartels Rise, and Payment Rates Collapse
- From Laptops to Laundromats How DPRK IT Workers Infiltrated the Global Remote Economy
- APT36 Expands Beyond Military New Attacks Hit Indian Railways, Oil & Government Systems
- ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH
- Cobalt Strike Beacon delivered via GitHub and social media
- China’s Covert Capabilities | Silk Spun From Hafnium
- Behind Random Words DoubleTrouble Mobile Banking Trojan Revealed
- Anubis and the Death of Data A New Era of Ransomware Operations
- GOLD BLADE remote DLL sideloading attack deploys RedLoader
- Revisiting UNC3886 Tactics to Defend Against Present Risk
- Cybersecurity Scams Targeting Fans and Teams at the 2025 Belgian Grand Prix
- Researchers Expose Massive Online Fake Currency Operation in India
- Florida Student Research Deploys AI to Spot Stealthy Android Malware
- ToolShell, SharePoint, and the Death of the Patch Window
- Methods to Bypass OTP in Mobile Apps Successful VAPT Scenarios
- Hunting Laundry Bear Infrastructure Analysis Guide and Findings
- Unmasking the new Chaos RaaS group attacks
- ToolShell An all-you-can-eat buffet for threat actors
- A Spike in the Desert How GreyNoise Uncovered a Global Pattern of VOIP-Based Telnet Attacks
- US nuclear weapons agency hacked in Microsoft SharePoint attacks
- Signed, Sealed, Altered? Deepdive into PDF Tempering
- Ports are getting smarter and more hackable
- Operation CargoTalon UNG0901 Targets Russian Aerospace & Defense Sector using EAGLET implant.
- HAFNIUM-Linked Hacker Xu Zewei Riding the Tides of China’s Cyber Ecosystem
- Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims
- How DEF CON hacking villages help to save the planet
- Clickfix on macOS AppleScript Malware Campaign Uses Terminal Prompts to Steal Data
- Back to Business Lumma Stealer Returns with Stealthier Methods
- The SOC files Rumble in the jungle or APT41’s new target in Africa
- Microsoft Fix Targets Attacks on SharePoint Zero-Day
- Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities
- How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies
- Greedy Sponge Targets Mexico with AllaKore RAT and SystemBC
- Getting to the Crux (Ransomware) of the Matter
- The Linuxsys Cryptominer
- Mobile Forensics Tool Used by Chinese Law Enforcement Dissected
- CryptoJacking is dead, long live CryptoJacking
- UNG0002, Regional Threat Operations Tracked Across Multiple Asian Jurisdictions
- Salt Typhoon breach Chinese APT compromises U.S. Army National Guard network
- Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
- Old Miner, New Tricks H2miner Resurfaces with Lcrypt0rx Ransomware
- Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
- On the Move Fast Flux in the Modern Threat Landscape
- Hyper-volumetric DDoS attacks skyrocket Cloudflare’s 2025 Q2 DDoS threat report
- eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
- The Good, the Bad, and the Encoding An SS7 Bypass Attack
- KongTuke FileFix Leads to New Interlock RAT Variant
- GLOBAL GROUP Emerging Ransomware-as-a-Service, Supporting AI Driven Negotiation and Mobile Control Panel for Their Affiliates
- Behind the Clouds Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication
- Chasing Ghosts Over RDP Lateral Movement in Tiny Bitmaps
- GAO finds progress in cyber information sharing, warns of rising attacks on critical infrastructure
- Where Everybody Knows Your Name Observing Malice-Complicit Nameservers
- Rendershock Weaponizing Trust in File Rendering Pipelines
- Malware of the Day – Multi-Modal C2 Communication – Numinon C2
- Fix the Click Preventing the ClickFix Attack Vector
- Code highlighting with Cursor AI for $500,000
- AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
- GitHub Abused to Spread Malware Disguised as Free VPN
- From Click to Compromise Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities
- Combolists and ULP Files on the Dark Web A Secondary and Unreliable Source of Information about Compromises
- NordDragonScan Quiet Data-Harvester on Windows
- Hackers abuse leaked Shellter red team tool to deploy infostealers
- Deploying NetSupport RAT via WordPress & ClickFix
- BERT Ransomware Group Targets Asia and Europe on Multiple Platforms
- NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors
- When Installers Turn Evil The Pascal Script Behind Inno Setup Malware Campaign
- Silent Push Uncovers Chinese Fake Marketplace e-Commerce Phishing Campaign
- Exposed JDWP Exploited in the Wild What Happens When Debug Ports Are Left Open
- Okta observes v0 AI tool used to build phishing sites
- Houken seeking a path by living on the edge with zero-days
- Critical Vulnerability in Microsens Devices Exposes Systems to Hackers
- Jasper Sleet North Korean remote IT workers’ evolving tactics to infiltrate organizations
- Hawaiian Airlines Hit by Cybersecurity Incident
- Odyssey Stealer The Rebrand of Poseidon Stealer
- DeepSeek Deception Sainbox RAT & Hidden Rootkit Delivery
- Patch and Persist Darktrace’s Detection of Blind Eagle (APT-C-36)
- Cybercrime is surging across Africa
- Crash (exploit) and burn Securing the offensive cyber supply chain to counter China in cyberspace
- OneClik A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure
- Cybercriminals Abuse Open-Source Tools To Target Africa’s Financial Sector
- Cryptominers’ Anatomy Shutting Down Mining Botnets
- Chinese “LapDogs” ORB Network Targets US and Asia
- APT36 Phishing Campaign Targets Indian Defense Using Credential-Stealing Malware
- Zoom & doom BlueNoroff call opens the door
- Resurgence of the Prometei Botnet
- Aflac notifies SEC of breach suspected to be work of Scattered Spider
- Part 2 Tracking LummaC2 Infrastructure
- Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
- What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
- Threat actor Banana Squad exploits GitHub repos in new campaign
- Ransomware Gangs Collapse as Qilin Seizes Control
- How Fraudsters Are Poisoning Search Results to Promote Phishing Sites
- PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
- Kali Linux 2025.2 released with 13 new tools, car hacking updates
- Is your AI safe? Threat analysis of MCP (Model Context Protocol)
- Fileless AsyncRAT Distributed Via Clickfix Technique Targeting German Speaking Users
- Anubis A Closer Look at an Emerging Ransomware with Built-in Wiper
- Ransomware Scum Disrupted Utility Services with SimpleHelp Attacks
- JSFireTruck Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique
- Fog Ransomware Unusual Toolset Used in Recent Attack
- Toxic trend Another malware threat targets DeepSeek
- Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud
- Global analysis of Adversary-in-the-Middle phishing threats
- Unmasking the Infrastructure of a Spearphishing Campaign
- iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals
- Sleep with one eye open how Librarian Ghouls steal data by night
- GhostVendors Exposed Silent Push Uncovers Massive Network of 4000+ Fraudulent Domains Masquerading as Major Brands
- Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
- DanaBleed DanaBot C2 Server Memory Leak Bug
- Mapping Hidden Alliances in Russian-Affiliated Ransomware
- Operation Endgame Disrupts AvCheck, Forces Threat Actors to Seek Alternatives
- Chinese Hackers Infiltrated U.S. Telecom Networks a Year Earlier Than Previously Known
- Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure
- The strange tale of ischhfd83 When cybercriminals eat their own
- The Bitter End Unraveling Eight Years of Espionage Antics—Part One
- StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025
- From open-source to open threat Tracking Chaos RAT’s evolution
- Criminals Bribed Outsourced Contractors to Steal Coinbase User Data
- Android malware trends Stealthier, easier-to-use
- The Hidden Cost of Trust New Data Reveals Alarming Employee Engagement with Vendor Email Compromise
- How Threat Actors Exploit Human Trust A Breakdown of the 'Prove You Are Human' Malware Scheme
- Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
- Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban
- Backdoors in Python and NPM Packages Target Windows and Linux
- Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
- Interlock ransomware what you need to know
- Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys
- Haozi’s Plug-and-Play Phishing-as-a-Service Has Facilitated $280,000 of Criminal Transactions Over Past Five Months
- Cybercriminals camouflaging threats as AI tool installers
- Zanubis in motion Tracing the active evolution of the Android banking malware
- Pakistan Telecommunication Company (PTCL) Targeted by Bitter APT During Heightened Regional Conflict
- Text-to-Malware How Cybercriminals Weaponize Fake AI-Themed Websites
- New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
- Malware or LLM? Silent Werewolf employs new loaders to attack Russian and Moldovan organizations
- Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
- Earth Lamia Develops Custom Arsenal to Target Multiple Industries
- AIVD and MIVD identify new Russian cyber threat actor
- SilverRAT Source Code Leaked Online Here’s What You Need to Know
- Reborn in Rust AsyncRAT
- Eye of the Storm Dissecting the Playbook of Cyber Toufan
- Operation Sindoor – Anatomy of a Digital Siege