embedded
-
March 12, 2026
New ClickFix Attacks Target macOS Users with MacSync Infostealer
A new wave of ClickFix campaigns are targeting macOS users and delivering the MacSync infostealer, signaling a growing shift in…
Read More » -
March 10, 2026
Attackers Use Malformed ZIP Archives to Evade Antivirus and EDR Tools
Cybersecurity researchers at the CERT Coordination Center (CERT/CC) have issued a warning regarding a newly disclosed evasion technique tracked as…
Read More » -
March 9, 2026
BoryptGrab Malware Abuses GitHub to Steal Browser and Crypto Wallet Data
A new Windows stealer dubbed BoryptGrab is being distributed through a large, ongoing campaign abusing fake GitHub repositories that pose as free…
Read More » -
March 7, 2026
China-Nexus Hackers Target Telecommunication Providers with New Malware Attack
A highly sophisticated China-linked threat actor, identified as UAT-9244, has been actively targeting critical telecommunications infrastructure across South America since…
Read More » -
March 4, 2026
CISA Warns Qualcomm Chipsets Memory Corruption Vulnerability Is Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) added the critical Qualcomm chipset vulnerability to its Known Exploited Vulnerabilities (KEV) catalog…
Read More » -
December 23, 2025
Arcane Werewolf Hacker Group Expands Arsenal with Loki 2.1 Malware Toolkit
The cyber espionage group known as Arcane Werewolf (also tracked as Mythic Likho) has significantly upgraded its offensive capabilities, targeting…
Read More » -
December 20, 2025
New Kibana Vulnerabilities Allow Attackers to Embed Malicious Scripts
Elastic has recently released critical security updates to address a severe cross-site scripting (XSS) vulnerability that affects multiple versions of…
Read More » -
December 20, 2025
Iranian APT Targeting Networks and Critical Infrastructure Organizations
A new wave of sophisticated malware campaigns has been launched by Iranian state-sponsored threat actors, targeting critical infrastructure organizations worldwide.…
Read More » -
December 19, 2025
Targeted Phishing Attack Strikes HubSpot Users
Evalian’s Security Operations Centre has discovered a sophisticated phishing campaign targeting HubSpot customers, which combines business email compromise (BEC) tactics…
Read More » -
December 17, 2025
ClickFix Spoof of “Word Online” Used to Spread DarkGate Malware
A sophisticated social engineering campaign has been uncovered, utilizing a fake “Word Online” extension error message to distribute the notorious…
Read More » -
December 16, 2025
ZnDoor Malware Actively Exploits React2Shell to Breach Network Infrastructure
Since December 2025, security operations centers have identified a rising threat targeting Japanese enterprises through the exploitation of React2Shell (CVE-2025-55182),…
Read More » -
December 15, 2025
New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems
CyberVolk, a pro-Russia hacktivist group first identified in late 2024, has re-emerged with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker…
Read More » -
December 14, 2025
Hackers Launch Rust-Based Luca Stealer Targeting Linux and Windows
Cybercriminals are shifting away from traditional programming languages like C and C++ and towards modern alternatives such as Rust, Golang,…
Read More » -
December 12, 2025
Severe Flaws in React Server Components Enable DoS Attacks and Code Exposure
Recently, security researchers uncovered two new vulnerabilities in React Server Components, which put servers at risk of Denial-of-Service (DoS) attacks…
Read More » -
December 11, 2025
19 Fake PNG Extensions Found in VS Code Marketplace
Researchers at ReversingLabs (RL) have uncovered a sophisticated supply chain campaign that involves 19 malicious Visual Studio Code (VS Code)…
Read More » -
December 11, 2025
Threat Actors Exploit ChatGPT and Grok Conversations to Deliver AMOS Stealer
The cybersecurity landscape has reached a critical juncture, marked by a sophisticated campaign that leverages the Atomic macOS Stealer (AMOS)…
Read More » -
December 9, 2025
New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware
A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading…
Read More » -
December 8, 2025
Hacktivist Groups Targeting Israel with Cyberattacks
A new platform, known as the “kitten” project, has emerged as a coordination hub for hacktivist campaigns targeting Israel, operating…
Read More » -
December 8, 2025
Encrypted Configuration and Obfuscation Techniques
In the second installment of the “Advent of Configuration Extraction” series, security researchers have unwrapped QuasarRAT, a widely-deployed .NET remote…
Read More » -
December 3, 2025
Threat Actors Using Matanbuchus Downloader to Deliver Ransomware and Maintain Persistence
Threat actors are increasingly abusing the Matanbuchus malicious downloader as a key enabler for hands-on-keyboard ransomware operations, using its backdoor-like…
Read More »