data
-
Lionishackers Exfiltrate Sensitive Corporate Databases for Sale on the Dark Web
Outpost24’s threat intelligence researchers have uncovered the operations of Lionishackers, a financially motivated cyber threat actor specializing in the exfiltration…
Read More » -
Stealing Login Credentials from 19 Major Browsers
A sophisticated new information stealer named SHUYAL was recently discovered by Hybrid Analysis. It has demonstrated extensive capabilities in credential…
Read More » -
Microsoft Investigates Leak in Early Warning System Used by Chinese Hackers to Exploit SharePoint Vulnerabilities
Chinese laws requiring vulnerability disclosure to the government create transparency issues and potential conflicts for international cybersecurity efforts. Microsoft is…
Read More » -
Hackers Exploit Official Gaming Mouse Software to Spread Windows-based Xred Malware
Gaming peripheral manufacturer Endgame Gear has disclosed a security incident involving malware-infected software distributed through their official website, affecting users…
Read More » -
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates…
Read More » -
New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies
AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its…
Read More » -
New CastleLoader Attack Uses Cloudflare-themed Clickfix Method to Compromise Windows Systems
A newly identified loader malware dubbed CastleLoader has emerged as a significant threat since early 2025, rapidly evolving into a…
Read More » -
AI-Powered Cyber Attacks Utilize ML Algorithms to Deploy Malware and Circumvent Traditional Security
Artificial intelligence (AI) and machine learning (ML) are enabling hackers to plan extremely complex assaults that surpass conventional defenses in…
Read More » -
Metasploit Module Released to Exploit SharePoint 0-Day Vulnerabilities
Security researchers have released a Metasploit exploitation module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server, marking a significant escalation…
Read More » -
Hidden Backdoor in WordPress Plugins Grants Attackers Ongoing Access to Websites
Security researchers have discovered a concerning trend in which a highly skilled malware campaign has been targeting WordPress websites by…
Read More » -
Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data
Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network…
Read More » -
Iranian Hackers Target Global Airlines to Steal Sensitive Data
APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised…
Read More » -
Scavenger Malware Compromises Popular npm Packages to Target Developers
The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not…
Read More » -
AI-Powered Cloaking Tools Help Threat Actors Hide Malicious Domains from Security Scans
Threat actors are increasingly adopting AI-powered cloaking services to obfuscate phishing domains, counterfeit e-commerce sites, and malware distribution endpoints from…
Read More » -
Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated…
Read More » -
Sophos Intercept X for Windows Flaws Enable Arbitrary Code Execution
Sophos has disclosed three critical security vulnerabilities in its Intercept X for Windows endpoint security solution that could allow attackers…
Read More » -
Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish…
Read More »