malware
-
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes
In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting…
Read More » -
Microsoft’s Time Travel Debugging Tool Vulnerability Let Attackers Execute Code Remotely
Microsoft’s Time Travel Debugging (TTD) framework, a powerful tool for recording and replaying Windows program executions, has been found to…
Read More » -
New PyPI Malware Targets Developers to Steal Ethereum Wallets
A recent discovery by the Socket Research Team has unveiled a malicious PyPI package named set-utils, designed to steal Ethereum…
Read More » -
Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft
The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware, a sophisticated infostealer designed to…
Read More » -
Lumma Stealer Using Fake Google Meet & Windows Update Sites to Launch “Click Fix” Style Attack
Cybersecurity researchers continue to track sophisticated “Click Fix” style distribution campaigns that deliver the notorious Lumma Stealer malware to unsuspecting…
Read More » -
10 Best Penetration Testing Companies in 2025
Penetration testing companies play a vital role in strengthening the cybersecurity defenses of organizations by identifying vulnerabilities in their systems,…
Read More » -
Threat Actors Exploiting AES Encryption for Stealthy Payload Protection
Cybersecurity researchers have uncovered a surge in the use of Advanced Encryption Standard (AES) encryption by threat actors to shield…
Read More » -
New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data
A sophisticated malware campaign leveraging GitHub repositories disguised as game modifications and cracked software has been uncovered, exposing a dangerous…
Read More » -
Network Penetration Testing Checklist – 2025
Network penetration testing is a cybersecurity practice that simulates cyberattacks on an organization’s network to identify vulnerabilities and improve security…
Read More » -
Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
A sophisticated cyberespionage campaign linked to Chinese state-sponsored actors has exploited a previously patched Check Point VPN vulnerability (CVE-2024-24919) to…
Read More » -
New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
Multi-factor authentication (MFA), long considered a cornerstone of cybersecurity defense, is facing a formidable new threat: “Pass-the-Cookie” attacks. Recent findings reveal…
Read More » -
Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications
The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been identified leveraging legitimate cloud services…
Read More » -
Silver Fox APT Hackers Target Healthcare Services to Steal Sensitive Data
A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox, has been uncovered, targeting healthcare…
Read More » -
Hackers Evade Outlook Spam Filters to Deliver Malicious ISO Files
A newly discovered technique allows threat actors to circumvent Microsoft Outlook’s spam filters to deliver malicious ISO files, exposing organizations…
Read More » -
New Zhong Stealer Malware Exploit Zendesk to Attack Fintech and Cryptocurrency
A newly identified malware, dubbed Zhong Stealer, has emerged as a significant threat to the fintech and cryptocurrency sectors. Any.run…
Read More » -
SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow vulnerability CVE-2025-0282 in Ivanti Connect…
Read More »