campaigns
4,000+ Routers Compromised by KadNap Malware Exploiting Vulnerabilities
A newly uncovered malware campaign known as KadNap has silently infected over 14,000 internet-connected routers and edge devices, primarily targeting…
AI-Driven Phishing Attacks Bypass Email Filters, Land in Inboxes
AI-generated phishing is rapidly reshaping email risk, with more attacks slipping past filters and landing directly in users’ inboxes, even…
SurxRAT Android Malware Uses LLMs for Phishing and Data Theft
A new Android Remote Access Trojan (RAT) named SurxRAT, which is being sold as a commercial malware platform through a…
Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threats
Iran-linked threat actors are escalating cyber operations against U.S. and allied networks, with Seedworm recently deploying new backdoors against critical…
Fake CleanMyMac Site Spreads SHub Stealer, Targets Crypto Wallets
Hackers are leveraging a counterfeit CleanMyMac download site to deploy SHub Stealer on macOS users, a potent infostealer that compromises…
Threat Actors Exploit Fake Claude Code Downloads to Deploy Infostealer Malware
Threat actors are abusing interest in Anthropic’s Claude Code tools by setting up fake download pages that ultimately drop a…
Iranian APT Groups Intensify Cyberattacks on Critical Infrastructure Amid Rising Geopolitical Tensions
A dramatic escalation in Middle Eastern tensions began last week with Operation Lion’s Roar, a joint U.S.-Iranian military strike on…
AzCopy Utility Misused for Data Exfiltration in Ongoing Ransomware Attacks
Ransomware operators are increasingly abusing Microsoft’s trusted Azure data transfer utility, AzCopy, to quietly exfiltrate sensitive data before encryption, turning…
AuraStealer Infostealer Targeting Users with 48 C2 Domains in Ongoing Campaigns
Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command‑and‑control (C2)…
Mapping the Emerging Alliance Between Qilin, DragonForce, and LockBit
In mid-September 2025, the ransomware landscape witnessed a significant development when DragonForce announced an alliance with Qilin and LockBit on…
New Lazarus and Kimsuky Infrastructure Discovered with Active Tools and Tunneling Nodes
Security researchers from Hunt.io and Acronis Threat Research Unit have made a groundbreaking discovery, uncovering a complex network of operational…
ForumTroll Operation Uses Chrome Zero-Day in Fresh Phishing Attacks
The ForumTroll APT group has re-emerged with a highly sophisticated phishing campaign aimed at Russian academics, marking a significant escalation…
Parked Domains Emerge as a Primary Channel for Malware and Phishing
The landscape of domain parking has undergone a significant transformation over the past decade, evolving from a relatively benign monetization…
CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability affecting multiple Apple products to its Known…
Link11 Identifies Five Cybersecurity Trends Shaping European Defense Strategies in 2026
Link11, a leading European provider of web infrastructure security solutions, has released new insights highlighting five key cybersecurity developments that…
Research Findings on the Fate of Data Stolen in Phishing Attacks
Recent research conducted by Kaspersky has shed light on the entire lifecycle of data stolen during phishing attacks, exposing a…
644K+ Websites at Risk Due to Critical React Server Components Flaw
A critical vulnerability known as “React2Shell” has been identified by the Shadowserver Foundation, posing a significant threat to a massive…