phishing

October 23, 2025

Injecting Malicious Code into RMClient to Evade EDR

CyberProof researchers detected a significant surge in Remcos (Remote Control & Surveillance Software) campaigns throughout September and October 2025, exploiting…
Read More »
October 22, 2025

Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters

Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated…
Read More »
October 21, 2025

Cavalry Werewolf APT Targets Multiple Sectors Using FoalShell and StallionRAT

From May to August 2025, an advanced persistent threat group known as Cavalry Werewolf—also tracked as YoroTrooper and Silent Lynx—executed…
Read More »
October 20, 2025

Winos 4.0 Malware Uses Weaponized PDFs Posing as Government Departments to Infect Windows Machines

Security researchers are tracking a high-severity malware campaign that uses weaponized PDF files to distribute the Winos 4.0 malware. The…
Read More »
October 18, 2025

Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards

Law enforcement authorities across Europe have dismantled a sophisticated cybercrime-as-a-service operation that enabled criminals to commit widespread fraud and other…
Read More »
October 17, 2025

Fake ‘LastPass Hack’ Emails Spreading Malware

A new phishing campaign impersonating LastPass is circulating today, October 13, 2025, aiming to deceive users into downloading malicious desktop…
Read More »
October 16, 2025

PhantomVAI Loader Launches Global Campaign to Distribute AsyncRAT, XWorm, FormBook, and DCRat

PhantomVAI Loader, a newly renamed multi-stage .NET loader tracked by Unit 42, is being used in widespread phishing campaigns to…
Read More »
October 15, 2025

GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users

The GhostBat RAT campaign leverages diverse infection vectors—WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites—to distribute malicious Android…
Read More »
October 13, 2025

Russian Cybercrime Marketplace Shifting from RDP Access to Malware Stealer Log Exploits

The online cybercrime marketplace, Russian Market, has evolved from selling Remote Desktop Protocol (RDP) access to becoming one of the…
Read More »
October 12, 2025

175 Malicious npm Packages Targeting Tech and Energy Firms, 26,000 Downloads

Socket’s Threat Research Team has uncovered a sprawling phishing campaign—dubbed “Beamglea”—leveraging 175 malicious npm packages that have amassed over 26,000…
Read More »
October 11, 2025

Chaosbot Using CiscoVPN and Active Directory Passwords for Network Commands

Adversaries have once again demonstrated that operational hours are irrelevant when mounting sophisticated cyberattacks. eSentire’s TRU team first observed suspicious…
Read More »
October 8, 2025

Top 10 Best Brand Protection Solutions for Enterprises in 2025

Best Brand Protection Solutions For Enterprises Brand protection has become a necessity for enterprises in 2025, with increasing risks of…
Read More »
October 7, 2025

CISA Issues Alert on Active Exploitation of Microsoft Windows Privilege Escalation Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a critical privilege escalation vulnerability in Microsoft…
Read More »
October 6, 2025

Ransomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain Control

Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools…
Read More »
October 5, 2025

SideWinder Hacker Group Targets Users with Fake Outlook/Zimbra Portals to Steal Login Credentials

The notorious SideWinder APT group has intensified its credential harvesting operations across South Asia, deploying sophisticated phishing campaigns that target…
Read More »
October 4, 2025

Threat Actors Pose as Government Officials to Attack Organizations with StallionRAT

In a recent wave of targeted phishing campaigns, the Cavalry Werewolf cluster has escalated its operations by impersonating government officials…
Read More »
October 4, 2025

New Android Spyware Targeting Users by Imitating Signal and ToTok Apps

ESET researchers have uncovered two sophisticated Android spyware campaigns that target users seeking secure communication platforms by impersonating popular messaging…
Read More »
October 3, 2025

Top 10 Best Supply Chain Risk Management Solutions in 2025

Best Supply Chain Risk Management Solutions In today’s globalized world, managing supply chain risks has become a top priority for…
Read More »
September 29, 2025

New Spear-Phishing Attack Deploys DarkCloud Malware to Steal Keystrokes and Credentials

Adversaries don’t work 9–5 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and…
Read More »
September 28, 2025

Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise

Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD…
Read More »

Previous page Next page