malicious
-
NOVABLIGHT Masquerades as Educational Tool to Steal Login Credentials and Compromise Crypto Wallets
A newly analyzed Malware-as-a-Service (MaaS) infostealer, NOVABLIGHT, has emerged as a significant cybersecurity threat, targeting unsuspecting users with advanced data…
Read More » -
Hackers Deploy Cobalt Strike Beacon Using GitHub and Social Media
A sophisticated cyberattack campaign disrupted the Russian IT industry and entities in several other countries, leveraging advanced evasion techniques to…
Read More » -
Android Banking Malware Masquerades as Government Agencies to Attack Users
Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate…
Read More » -
Bulletproof Hosting Provider Powering Global Malware Campaigns
Security researchers may have discovered a reliable hosting company run by Qwins Ltd. that supports a broad range of international…
Read More » -
Lionishackers Exfiltrate Sensitive Corporate Databases for Sale on the Dark Web
Outpost24’s threat intelligence researchers have uncovered the operations of Lionishackers, a financially motivated cyber threat actor specializing in the exfiltration…
Read More » -
ArmouryLoader Bypasses Security Protections to Inject Malicious Code
ArmouryLoader and other malicious code loaders have become essential tools for introducing Trojan-type payloads into hacked systems in the ever-changing…
Read More » -
Fire Ant Hackers Target VMware ESXi and vCenter Flaws to Infiltrate Organizations
Cybersecurity firm Sygnia has been tracking and mitigating a sophisticated espionage operation dubbed Fire Ant, which zeroes in on virtualization…
Read More » -
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates…
Read More » -
New CastleLoader Attack Uses Cloudflare-themed Clickfix Method to Compromise Windows Systems
A newly identified loader malware dubbed CastleLoader has emerged as a significant threat since early 2025, rapidly evolving into a…
Read More » -
Elephant APT Group Exploits VLC Player and Encrypted Shellcode in Attacks on Defense Sector
Arctic Wolf Labs has uncovered a sophisticated cyber-espionage operation attributed to the Dropping Elephant advanced persistent threat (APT) group, also…
Read More » -
Hidden Backdoor in WordPress Plugins Grants Attackers Ongoing Access to Websites
Security researchers have discovered a concerning trend in which a highly skilled malware campaign has been targeting WordPress websites by…
Read More » -
Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data
Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network…
Read More » -
Iranian Hackers Target Global Airlines to Steal Sensitive Data
APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised…
Read More » -
Scavenger Malware Compromises Popular npm Packages to Target Developers
The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not…
Read More » -
wolfSSL Security Update Addresses Apple Trust Store Bypass
wolfSSL has released version 5.8.2 to address several critical security vulnerabilities, with the most significant being a high-severity Apple trust…
Read More » -
UNG0002 Deploys Weaponized LNK Files with Cobalt Strike and Metasploit to Target Organizations
Seqrite Labs APT-Team has uncovered a persistent threat entity, UNG0002 (Unknown Group 0002), orchestrating espionage-driven operations across Asian jurisdictions, including…
Read More »