CYBERSECURITY 392
- Notepad++ Hijacked by State-Sponsored Hackers
- ShadowHS - A Fileless Linux Post‑Exploitation Framework Built on a Weaponized hackshell
- Phishing kits adapt to the script of callers
- I'm locked in!
- Cant Stop Wont Stop Ta584 Innovates Initial Access
- WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware
- 14M Panera Bread customer records leaked - What do we know so far?
- PeckBirdy - A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups
- GOGITTER, GITSHELLPAD, and GOSHELL Analysis
- 1Password Adds Pop-Up Warnings for Suspected Phishing Sites
- Investigation underway after 72M Under Armour records surface online
- Fortinet warns of active FortiCloud SSO bypass affecting updated devices
- Vulnerabilities in EVMAPA
- Osiris - New Ransomware, Experienced Attackers?
- Phishing and Spoofed Sites Remain Primary Entry Points For Olympics
- Peruvian Loan Scam Harvests Cards and PINs via Fake Applications
- Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed
- Kimwolf Botnet Lurking in Corporate, Govt. Networks
- Ingram Micro admits summer ransomware raid exposed thousands of staff records
- From Extension to Infection - An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers
- Mandiant releases quick credential cracker, to hasten the death of a bad protocol
- Tennessee Man Pleads Guilty to Repeatedly Hacking Supreme Court’s Filing System
- Gootloader now uses 1,000-part ZIP archives for stealthy delivery
- CodeBuild Flaw Put AWS Console Supply Chain At Risk
- Inside RedVDS - How a single virtual desktop provider fueled worldwide cybercriminal operations
- CERT-UA reports PLUGGYAPE cyberattacks on defense forces
- Unveiling VoidLink – A Stealthy, Cloud-Native Linux Malware Framework
- Hunting Lazarus - Inside the Contagious Interview C2 Infrastructure
- CastleLoader Analysis - A Deep Dive into Stealthy Loader Targeting Government Sector
- CrazyHunter ransomware escalates with advanced intrusion tactics, six Taiwan healthcare victims confirmed
- Instagram’s 17 Million User Data Leak Was Just Scraped Records from 2022
- Instagram denies breach amid claims of 17 million account data leak
- Phishing Campaign Uses Maduro Arrest Story to Deliver Backdoor Malware
- Inside GoBruteforcer - AI-Generated Server Defaults, Weak Passwords, and Crypto-Focused Campaigns
- Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches
- Hospitality Sector Hit By PHALT#BLYX ClickFix Malware Campaign
- Coinbase insider who sold customer data to criminals arrested in India
- New Zealand orders review into ManageMyHealth cyberattack
- Hackers claim to hack Resecurity, firm says it was a honeypot
- Prince of Persia ran a covert Iranian spy campaign for over a decade
- Hackers attack WatchGuard Firebox firewalls 120K IPs exposed and vulnerable
- Hackers Abuse Popular Monitoring Tool Nezha as a Stealth Trojan
- RansomHouse upgrades encryption with multi-layered data processing
- Cybersecurity Professionals Plead Guilty to Launching Ransomware Attacks
- Rudepanda Owns Iis Servers Like 2003
- OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365
- New BeaverTail Malware Variant Linked to Lazarus Group
- Zeroday Cloud hacking event awards $320,0000 for 11 zero days
- WhatsApp device linking abused in account hijacking attacks
- UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
- BlueDelta’s Persistent Campaign Against UKR.NET
- Russian APT actor phishes the Baltics and the Balkans
- Russia Hits Critical Orgs Via Misconfigured Edge Devices
- Google is discontinuing its dark web report - why it matters
- China's Ink Dragon Hides Out in European Government Networks
- Think Like an Attacker - Cybersecurity Tips From Cato Networks' CISO
- New SantaStealer malware steals data from browsers, crypto wallets
- Your questions, answered by Cybernews - Can your vape be hacked?
- CISA Warns of Windows Cloud Files Mini Filter 0-Day Vulnerability Exploited in Attacks
- 7 Best Security Awareness Training Platforms For MSPs in 2026
- Stanford University pits cybersecurity researchers versus AI - should humans worry?
- Cracking ValleyRAT From Builder Secrets to Kernel Rootkits
- Scammers harvesting Facebook photos to stage fake kidnappings, warns FBI
- New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites
- Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features
- US military contractor breach expose employee data
- Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs
- Unveiling WARP PANDA A New Sophisticated China-Nexus Adversary
- Penn and Phoenix Universities Disclose Data Breach After Oracle Hack
- 29.7 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record
- Researchers Capture Lazarus APT's Remote-Worker Scheme Live on Camera
- Everest Ransomware Claims ASUS Breach and 1TB Data Theft
- How a Russian Threat Actor Uses a Recent WinRAR Vulnerability in Their Ukraine Operations
- North Korea-linked actors behind Contagious Interview uploaded 197 new malicious npm packages to distribute a new OtterCookie malware version.
- House panels seek testimony from Anthropic, Google, Quantum Xchange after report on PRC-linked AI attack
- Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
- KawaiiGPT – New Black-Hat AI Tool Used by Hackers to Launch Cyberattacks
- Department 40 Exposed Inside the IRGC Unit Connecting Cyber Ops to Assassinations
- CrowdStrike Fires Worker Over Insider Leak to Scattered Lapsus Hunters
- ShinyHunters 'does not like Salesforce at all,' claims the crew accessed Gainsight 3 months ago
- Google exposes BadAudio malware used in APT24 espionage campaigns
- WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
- Attackers are using “Sneaky 2FA” to create fake sign-in windows that look real
- Researchers Detail Tuoni C2's Role in an Attempted 2025 Real-Estate Cyber Intrusion
- What Should A Modern Cybersecurity Stack Look Like?
- Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT
- AI's scary new trick - Conducting cyberattacks instead of just helping out
- Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies
- Decades-old ‘Finger’ protocol abused in ClickFix malware attacks
- The State of Ransomware – Q3 2025
- Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data
- SIEM Modernization and Optimization - Step 2 - Define Your Goals
- Zscaler warns industrial operations face mounting risk as IoT, OT attacks surge across energy, manufacturing sectors
- Patch now Samsung zero-day lets attackers take over your phone
- North Korean hackers exploit Google’s safety tools for remote wipe
- Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads
- Dangerous runC flaws could allow hackers to escape Docker containers
- Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic
- LANDFALL New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
- Gootloader malware back for the attack, serves up ransomware
- GlassWorm Returns New Wave Strikes as We Expose Attacker Infrastructure
- Russian hackers sneak a full Linux virtual machine inside Windows to run undetected
- Russian spies pack custom malware into hidden VMs on Windows machines
- Ransomware negotiator, pay thyself!
- Operation Peek-a-Baku Silent Lynx APT makes sluggish shift to Dushanbe
- New Dante Spyware Linked to Rebranded Hacking Team, Now Memento Labs
- Hackers Deliver SSH-Tor Backdoor Via Weaponized Military Documents in ZIP Files
- Penn hacker claims to have stolen 1.2 million donor records in data breach
- Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery
- Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
- New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts
- Massive risk 92% of Exchange servers in Germany unprotected after Microsoft support ends
- BiDi Swap The bidirectional text trick that makes fake URLs look real
- Qilin ransomware escalates rapidly in 2025, targeting critical sectors with 700 attacks amid RansomHub shutdown
- OpenAI Atlas Browser Vulnerability Allows Malicious Code Injection into ChatGPT
- Iran's school for cyberspies could've used a few more lessons in preventing breaches
- Hackers exploiting Windows updates Microsoft urges users to patch
- Europol Warns of Rising Threat From Caller ID Spoofing Attacks
- Chrome Zero-Day Exploitation Linked to Hacking Team Spyware
- LockBit 5.0 Actively Attacking Windows, Linux, and ESXi Environments
- Hackers exploiting critical vulnerability in Windows Server Update Service
- Buying Spying - How the commercial surveillance industry works and what can be done about it
- Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques
- SocGholish Malware Using Compromised Sites to Deliver Ransomware
- Jaguar Land Rover hack cost UK economy an estimated $2.5 billion, report says
- Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch
- Russian Coldriver Hackers Deploy New 'NoRobot' Malware
- Ransomware Payouts Surge to $3.6m Amid Evolving Tactics
- CISA’s International, Industry and Academic Partnerships Slashed
- CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
- Self-spreading GlassWorm malware hits OpenVSX, VS Code registries
- Cyber defenders sound the alarm as F5 hack exposes broad risks
- AI-Driven Social Engineering Top Cyber Threat for 2026, ISACA Survey Reveals
- New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
- Collins Aerospace attack claimed by Everest, linking ransomware group to last month's European airport chaos
- Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities
- North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
- Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data
- Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months
- UK NCSC Reports 130% Spike in "Nationally Significant" Cyber Incidents
- Hacker Group TA585 Emerges With Advanced Attack Infrastructure
- Dragos sounds alarm over cyberattacks targeting distributed energy and industrial microgrids
- Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
- How to tell if your mobile number has been hacked and what to do next
- Attackers exploit valid logins in SonicWall SSL VPN compromise
- North Korean Hackers Have Stolen $2 Billion in Cryptocurrency in 2025
- Hackers leveraging Teams to drop malware, steal data, Microsoft warns
- Foreign threat actors adopting ChatGPT, AI to bolster "old playbook" of attacks, OpenAI finds
- The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn
- Reading the ENISA Threat Landscape 2025 report
- Ransomware Group “Trinity of Chaos” Launches Data Leak Site
- Patch Now Dell UnityVSA Flaw Allows Command Execution Without Login
- Hackers exploited Zimbra flaw as zero-day using iCalendar files
- Ghost in the Cloud Weaponizing AWS X-Ray for Command & Control
- Discord Data Breach Hackers Access IDs, Billing Details and Support Chats
- CometJacking One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief
- Oracle says hackers are trying to extort its customers
- Phishing Dominates EU-Wide Intrusions, says ENISA
- Exposing CharmingKitten's malicious activity for IRGC-IO division Counterintelligence division
- Massive network of 30,000 websites filters victims before delivering scams or malware
- VMware virtual machines under attack hackers may have exploited zero-day for months
- Phantom Taurus A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite
- Medusa Ransomware Claims Comcast Data Breach, Demands .2M
- EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
- Cisco Talos attributes Asian telecom and manufacturing attacks to Naikon PlugX campaign
- Ransomware's favorite target in 2025 and what you can do about it
- Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses
- Chinese Cyberspies Hacked US Defense Contractors
- Who is Salt Typhoon Really? Unraveling the Attribution Challenge
- UK agency makes arrest in airport cyberattack investigation
- Threat Actors Breaking to Enterprise Infrastructure Within 18 Minutes From Initial Access
- COLDRIVER Updates Arsenal with BAITSWITCH and SIMPLEFIX
- SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
- Researchers expose MalTerminal, an LLM-enabled malware pioneer
- Nimbus Manticore Deploys New Malware Targeting Europe
- ShadowLeak Radware Uncovers Zero-Click Attack on ChatGPT
- RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains
- How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks
- China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
- BreachForums Owner Sent to Prison in Resentencing
- Going Underground China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels
- EvilAI malware campaign exploits AI-generated code to breach global critical sectors
- DNV details ‘SteganoAmor’ malware campaign used against Iranian oil and gas traders, extends to maritime operators
- FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data
- Huntress's 'hilarious' attacker surveillance splits infosec community
- France Warns Apple Users of New Spyware Campaign
- DELMIA Factory Software Vulnerability Exploited in Attacks
- Popular AI chatbots leaking data millions of users could be affected
- New Buterat Backdoor Malware Found in Enterprise and Government Networks
- KillSec Ransomware is Attacking Healthcare Institutions in Brazil
- Unmasking The Gentlemen Ransomware Tactics, Techniques, and Procedures Revealed
- Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
- 45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage
- Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
- GhostAction Supply Chain Attack Compromises 3000+ Secrets
- Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure
- 18 Popular Code Packages Hacked, Rigged to Steal Crypto
- Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens
- Scattered Lapsus$ Hunters Demand Google Fire Security Experts or Face Data Leak
- NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data
- GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
- RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second
- Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices
- New Report on Commercial Spyware Vendors Detailing Their Targets and Infection Chains
- New Phishing Attack Via OneDrive Attacking C-level Employees for Corporate Credentials
- Iran-Nexus Hackers Abuses Omani Mailbox to Target Global Governments
- Hidden Commands in Images Exploit AI Chatbots and Steal Data
- Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans
- Microsoft Unveils Storm-0501’s Advanced Cloud Ransomware Attack Tactics
- Kea DHCP Server Vulnerability Let Remote Attacker Crash With a Single Crafted Packet
- International coalition calls out three Chinese companies over hacking campaign
- CISA Publish Hunting and Mitigation Guide to Defend Networks from Chinese State-Sponsored Actors
- New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices
- AI-Powered Ransomware Has Arrived With 'PromptLock'
- MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
- Hackers steal data from Salesforce instances in widespread campaign
- Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
- Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign
- Credential harvesting campaign targets ScreenConnect cloud administrators
- ClickFix Attack Tricks AI Summaries Into Pushing Malware
- Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
- Attackers Abuse Virtual Private Servers to Compromise SaaS Accounts
- APT36 hackers abuse Linux .desktop files to install malware in new attacks
- Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
- Oregon man charged with administering “Rapper Bot” DDoS-for-hire Botnet
- Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in
- From Campus to C2 Tracking a Persistent Chinese Operation Against Vietnamese Universities
- Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets
- Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware
- Man Jailed for 20 Months After Compromising Millions of Accounts
- Cybersecurity in Focus Recent Threats Targeting India Amid Independence Day Celebrations
- Blue Locker' Analysis Ransomware Targeting Oil & Gas Sector In Pakistan
- Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
- New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
- Update WinRAR tools now RomCom and others exploiting zero-day vulnerability
- Cybersecurity Firm Profero Cracks DarkBit Ransomware Encryption
- Unmasking SocGholish Silent Push Untangles the Malware Web Behind the “Pioneer of Fake Updates” and Its Operator, TA569
- Ukraine claims to have hacked secrets from Russia's newest nuclear submarine
- The Growing Threat of Mobile Infostealers
- Google suffers data breach in ongoing Salesforce data theft attacks
- SonicWall investigates possible zero-day amid Akira ransomware surge
- GenAI Used For Phishing Websites Impersonating Brazil’s Government
- From Bing Search to Ransomware Bumblebee and AdaptixC2 Deliver Akira
- ShadowSyndicate Infrastructure Used by Multiple Ransomware Groups Including Cl0p, LockBit and RansomHub
- LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code
- Fake Telegram Premium Site Distributes New Lumma Stealer Variant
- Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds
- Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN
- AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
- Unmasking Interlock Group's Evolving Malware Arsenal
- The Commented Kill Chain Why Old Ransomware Playbooks Never Die
- Ransomware in Q2 2025 AI Joins the Crew, Cartels Rise, and Payment Rates Collapse
- From Laptops to Laundromats How DPRK IT Workers Infiltrated the Global Remote Economy
- APT36 Expands Beyond Military New Attacks Hit Indian Railways, Oil & Government Systems
- ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH
- Cobalt Strike Beacon delivered via GitHub and social media
- China’s Covert Capabilities | Silk Spun From Hafnium
- Behind Random Words DoubleTrouble Mobile Banking Trojan Revealed
- Anubis and the Death of Data A New Era of Ransomware Operations
- GOLD BLADE remote DLL sideloading attack deploys RedLoader
- Revisiting UNC3886 Tactics to Defend Against Present Risk
- Cybersecurity Scams Targeting Fans and Teams at the 2025 Belgian Grand Prix
- Researchers Expose Massive Online Fake Currency Operation in India
- Florida Student Research Deploys AI to Spot Stealthy Android Malware
- ToolShell, SharePoint, and the Death of the Patch Window
- Methods to Bypass OTP in Mobile Apps Successful VAPT Scenarios
- Hunting Laundry Bear Infrastructure Analysis Guide and Findings
- Unmasking the new Chaos RaaS group attacks
- ToolShell An all-you-can-eat buffet for threat actors
- A Spike in the Desert How GreyNoise Uncovered a Global Pattern of VOIP-Based Telnet Attacks
- US nuclear weapons agency hacked in Microsoft SharePoint attacks
- Signed, Sealed, Altered? Deepdive into PDF Tempering
- Ports are getting smarter and more hackable
- Operation CargoTalon UNG0901 Targets Russian Aerospace & Defense Sector using EAGLET implant.
- HAFNIUM-Linked Hacker Xu Zewei Riding the Tides of China’s Cyber Ecosystem
- Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims
- How DEF CON hacking villages help to save the planet
- Clickfix on macOS AppleScript Malware Campaign Uses Terminal Prompts to Steal Data
- Back to Business Lumma Stealer Returns with Stealthier Methods
- The SOC files Rumble in the jungle or APT41’s new target in Africa
- Microsoft Fix Targets Attacks on SharePoint Zero-Day
- Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities
- How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies
- Greedy Sponge Targets Mexico with AllaKore RAT and SystemBC
- Getting to the Crux (Ransomware) of the Matter
- The Linuxsys Cryptominer
- Mobile Forensics Tool Used by Chinese Law Enforcement Dissected
- CryptoJacking is dead, long live CryptoJacking
- UNG0002, Regional Threat Operations Tracked Across Multiple Asian Jurisdictions
- Salt Typhoon breach Chinese APT compromises U.S. Army National Guard network
- Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
- Old Miner, New Tricks H2miner Resurfaces with Lcrypt0rx Ransomware
- Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
- On the Move Fast Flux in the Modern Threat Landscape
- Hyper-volumetric DDoS attacks skyrocket Cloudflare’s 2025 Q2 DDoS threat report
- eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
- The Good, the Bad, and the Encoding An SS7 Bypass Attack
- KongTuke FileFix Leads to New Interlock RAT Variant
- GLOBAL GROUP Emerging Ransomware-as-a-Service, Supporting AI Driven Negotiation and Mobile Control Panel for Their Affiliates
- Behind the Clouds Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication
- Chasing Ghosts Over RDP Lateral Movement in Tiny Bitmaps
- GAO finds progress in cyber information sharing, warns of rising attacks on critical infrastructure
- Where Everybody Knows Your Name Observing Malice-Complicit Nameservers
- Rendershock Weaponizing Trust in File Rendering Pipelines
- Malware of the Day – Multi-Modal C2 Communication – Numinon C2
- Fix the Click Preventing the ClickFix Attack Vector
- Code highlighting with Cursor AI for $500,000
- AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
- GitHub Abused to Spread Malware Disguised as Free VPN
- From Click to Compromise Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities
- Combolists and ULP Files on the Dark Web A Secondary and Unreliable Source of Information about Compromises
- NordDragonScan Quiet Data-Harvester on Windows
- Hackers abuse leaked Shellter red team tool to deploy infostealers
- Deploying NetSupport RAT via WordPress & ClickFix
- BERT Ransomware Group Targets Asia and Europe on Multiple Platforms
- NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors
- When Installers Turn Evil The Pascal Script Behind Inno Setup Malware Campaign
- Silent Push Uncovers Chinese Fake Marketplace e-Commerce Phishing Campaign
- Exposed JDWP Exploited in the Wild What Happens When Debug Ports Are Left Open
- Okta observes v0 AI tool used to build phishing sites
- Houken seeking a path by living on the edge with zero-days
- Critical Vulnerability in Microsens Devices Exposes Systems to Hackers
- Jasper Sleet North Korean remote IT workers’ evolving tactics to infiltrate organizations
- Hawaiian Airlines Hit by Cybersecurity Incident
- Odyssey Stealer The Rebrand of Poseidon Stealer
- DeepSeek Deception Sainbox RAT & Hidden Rootkit Delivery
- Patch and Persist Darktrace’s Detection of Blind Eagle (APT-C-36)
- Cybercrime is surging across Africa
- Crash (exploit) and burn Securing the offensive cyber supply chain to counter China in cyberspace
- OneClik A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure
- Cybercriminals Abuse Open-Source Tools To Target Africa’s Financial Sector
- Cryptominers’ Anatomy Shutting Down Mining Botnets
- Chinese “LapDogs” ORB Network Targets US and Asia
- APT36 Phishing Campaign Targets Indian Defense Using Credential-Stealing Malware
- Zoom & doom BlueNoroff call opens the door
- Resurgence of the Prometei Botnet
- Aflac notifies SEC of breach suspected to be work of Scattered Spider
- Part 2 Tracking LummaC2 Infrastructure
- Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
- What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
- Threat actor Banana Squad exploits GitHub repos in new campaign
- Ransomware Gangs Collapse as Qilin Seizes Control
- How Fraudsters Are Poisoning Search Results to Promote Phishing Sites
- PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
- Kali Linux 2025.2 released with 13 new tools, car hacking updates
- Is your AI safe? Threat analysis of MCP (Model Context Protocol)
- Fileless AsyncRAT Distributed Via Clickfix Technique Targeting German Speaking Users
- Anubis A Closer Look at an Emerging Ransomware with Built-in Wiper
- Ransomware Scum Disrupted Utility Services with SimpleHelp Attacks
- JSFireTruck Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique
- Fog Ransomware Unusual Toolset Used in Recent Attack
- Toxic trend Another malware threat targets DeepSeek
- Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud
- Global analysis of Adversary-in-the-Middle phishing threats
- Unmasking the Infrastructure of a Spearphishing Campaign
- iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals
- Sleep with one eye open how Librarian Ghouls steal data by night
- GhostVendors Exposed Silent Push Uncovers Massive Network of 4000+ Fraudulent Domains Masquerading as Major Brands
- Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets
- DanaBleed DanaBot C2 Server Memory Leak Bug
- Mapping Hidden Alliances in Russian-Affiliated Ransomware
- Operation Endgame Disrupts AvCheck, Forces Threat Actors to Seek Alternatives
- Chinese Hackers Infiltrated U.S. Telecom Networks a Year Earlier Than Previously Known
- Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure
- The strange tale of ischhfd83 When cybercriminals eat their own
- The Bitter End Unraveling Eight Years of Espionage Antics—Part One
- StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025
- From open-source to open threat Tracking Chaos RAT’s evolution
- Criminals Bribed Outsourced Contractors to Steal Coinbase User Data
- Android malware trends Stealthier, easier-to-use
- The Hidden Cost of Trust New Data Reveals Alarming Employee Engagement with Vendor Email Compromise
- How Threat Actors Exploit Human Trust A Breakdown of the 'Prove You Are Human' Malware Scheme
- Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
- Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban
- Backdoors in Python and NPM Packages Target Windows and Linux
- Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
- Interlock ransomware what you need to know
- Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys
- Haozi’s Plug-and-Play Phishing-as-a-Service Has Facilitated $280,000 of Criminal Transactions Over Past Five Months
- Cybercriminals camouflaging threats as AI tool installers
- Zanubis in motion Tracing the active evolution of the Android banking malware
- Pakistan Telecommunication Company (PTCL) Targeted by Bitter APT During Heightened Regional Conflict
- Text-to-Malware How Cybercriminals Weaponize Fake AI-Themed Websites
- New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
- Malware or LLM? Silent Werewolf employs new loaders to attack Russian and Moldovan organizations
- Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
- Earth Lamia Develops Custom Arsenal to Target Multiple Industries
- AIVD and MIVD identify new Russian cyber threat actor
- SilverRAT Source Code Leaked Online Here’s What You Need to Know
- Reborn in Rust AsyncRAT
- Eye of the Storm Dissecting the Playbook of Cyber Toufan
- Operation Sindoor – Anatomy of a Digital Siege