embedded

October 16, 2025

North Korean Hackers Deploy BeaverTail–OtterCookie Combo for Keylogging Attacks

Researchers at Cisco Talos have uncovered a sophisticated campaign by the Famous Chollima subgroup of Lazarus, wherein attackers deploy blended…
Read More »
October 14, 2025

Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads

In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that…
Read More »
October 12, 2025

Threat Actors Exploit Discord Webhooks for C2 via npm, PyPI, and Ruby Packages – GBHackers Security

Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets,…
Read More »
October 12, 2025

LLM-Powered MalTerminal Malware Uses OpenAI GPT-4 to Create Ransomware Code

LLM-enabled malware poses new challenges for detection and threat hunting as malicious logic can be generated at runtime rather than…
Read More »
October 12, 2025

175 Malicious npm Packages Targeting Tech and Energy Firms, 26,000 Downloads

Socket’s Threat Research Team has uncovered a sprawling phishing campaign—dubbed “Beamglea”—leveraging 175 malicious npm packages that have amassed over 26,000…
Read More »
October 11, 2025

Chaosbot Using CiscoVPN and Active Directory Passwords for Network Commands

Adversaries have once again demonstrated that operational hours are irrelevant when mounting sophisticated cyberattacks. eSentire’s TRU team first observed suspicious…
Read More »
October 9, 2025

Top 10 Best Supply Chain Intelligence Security Companies in 2025

Supply Chain Intelligence Security Companies In 2025, securing global supply chains is one of the top priorities for enterprises seeking…
Read More »
October 6, 2025

Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control

Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools…
Read More »
October 5, 2025

GhostSocks Malware-as-a-Service Turns Compromised Devices into Proxies for Threat Actors

On October 15, 2023, a threat actor using the handle GhostSocks published a sales post on the Russian cybercrime forum…
Read More »
October 4, 2025

Threat Actors Pose as Government Officials to Attack Organizations with StallionRAT

In a recent wave of targeted phishing campaigns, the Cavalry Werewolf cluster has escalated its operations by impersonating government officials…
Read More »
October 1, 2025

Ukraine Warns of Weaponized XLL Files Delivering CABINETRAT Malware via Zip Archives

Ukraine’s national cyber incident response team, CERT-UA, has issued an urgent warning about a new malware campaign that weaponizes Excel…
Read More »
October 1, 2025

Top 10 Best Vulnerability Management Software in 2025

Best Vulnerability Management Software In today’s fast-paced digital environment, organizations face constant threats from cybercriminals exploiting weaknesses in IT systems.…
Read More »
September 30, 2025

New Chinese Nexus APT Group Targeting Organizations to Deploy NET-STAR Malware Suite

China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the…
Read More »
September 28, 2025

Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach

In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including…
Read More »
September 27, 2025

New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms

CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks…
Read More »
September 27, 2025

Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks

Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide.…
Read More »
September 26, 2025

Top 10 Best AI Penetration Testing Companies In 2025

In 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability…
Read More »
September 25, 2025

Chinese State-Sponsored Hackers Targeting Telecommunications Infrastructure to Steal Sensitive Data

Chinese state-sponsored cyber threat group Salt Typhoon has intensified long-term espionage operations against global telecommunications infrastructure, according to recent legal…
Read More »
September 23, 2025

Libraesva ESG Vulnerability Allows Attackers to Execute Malicious Commands

A critical command injection vulnerability in Libraesva ESG email security gateways has been discovered, allowing attackers to execute arbitrary commands…
Read More »
September 20, 2025

Deceptive Tactics to Bypass Security Systems

Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake…
Read More »

Previous page Next page