campaigns
-
GhostClaw AI Malware Targets macOS Users with Credential-Stealing Payloads
GhostClaw, a multi-stage macOS infostealer, now exploits both GitHub repositories and AI-assisted development workflows to steal credentials and deploy secondary…
Read More » -
Mirai Botnets Evolve Into Major DDoS and Proxy Abuse Threats
Mirai-based botnets have evolved from simple IoT malware into large-scale DDoS and proxy abuse platforms underpinning record-breaking attacks and stealthy…
Read More » -
Tycoon2FA Operators Resume Cloud Account Phishing Following Infrastructure Disruption
Tycoon 2FAoperators have restarted large-scale cloud account phishing just days after law enforcement and industry partners disrupted the platform’s core…
Read More » -
DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones
Security experts haveverified that the advanced iOS exploit chain known as DarkSword is now accessible outside of its original threat…
Read More » -
Oblivion RAT Masquerades as Play Store Update to Spy on Android Users
A newly discovered Android remote access trojan (RAT) called Oblivion RAT is raising concerns across the mobile threat landscape. Marketed…
Read More » -
CISA Warns of Craft CMS Code Injection Flaw Exploited in Active Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited…
Read More » -
Libyan Refinery Targeted in Prolonged Spy Campaign With AsyncRAT
A targeted cyber espionage campaign against Libyan organizations compromised a Libyan oil refinery, a telecommunications provider, and a state institution…
Read More » -
CISA Issues Warning on Apple Vulnerabilities Exploited Through DarkSword iOS Chain
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple…
Read More » -
Phishing Campaign Targeting Signal and WhatsApp Users Linked to Russian Intelligence
Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp through phishing campaigns…
Read More » -
Authorities Dismantle IoT Botnet Linked to Record-Shattering 30 Tbps DDoS Campaigns
An international law enforcement operation has dismantled the core infrastructure of four destructive IoT botnets: Aisuru, KimWolf, JackSkid, and Mossad.…
Read More » -
Fake Tools and CDNs Power New “Vibe-Coded” Malware Campaign
“Vibe coding” has evolved from a buzzword to a key battleground, and a new malware campaign shows how attackers are…
Read More » -
LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader
Ransomware group LeakNet is scaling its operation by integrating mass-market social engineering lures via ClickFix techniques with a stealthy Deno-based…
Read More » -
Iranian Hackers Use Compromised Cameras for Regional Surveillance
Iranian cyber operations are expanding, focusing on US organizations and utilizing internet-connected cameras across the Middle East for intelligence and…
Read More » -
CISA Alerts Users to Exploited Chrome 0-Day Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has released an urgent security advisory concerning two highly critical zero-day vulnerabilities currently…
Read More » -
IBM Discovers ‘Slopoly’ AI-Generated Malware Linked to Hive0163 Ransomware
Hive0163, a financially driven ransomware group, is testing a probable AI-generated malware framework named “Slopoly,” signaling a rapid shift toward…
Read More » -
Global Authorities Take Down 45,000 Malicious IPs Used in Ransomware Campaigns
An unprecedented international law enforcement effort has successfully dismantled a major cybercrime network. Coordinated by INTERPOL, this initiative targeted critical…
Read More » -
Hackers Exploit CloudFlare Anti-Security to Steal Microsoft 365 Login Credentials
A recent Microsoft 365 credential harvesting campaign shows attackers exploiting CloudFlare’s protective features to shield malicious phishing sites from security…
Read More »