tools
-
North Korean IT Worker Used Stolen Identity, AI-Generated Resume in Job Scam
A recent investigation exposed how a suspected North Korean IT worker allegedly used a stolen identity, AI-generated resume content, and…
-
Stealthy .NET Malware Adds AV Killer, HVNC Features
CrySome RAT is a newly observed, advanced .NET remote access trojan that combines full-featured post‑exploitation tooling with unusually hardened persistence,…
-
ClickFix Evades PowerShell Detection via Rundll32 and WebDAV
A new ClickFix attack variant has been identified that evades detection by shifting execution away from PowerShell and mshta towards…
-
New Homoglyph Tricks Let Cybercriminals Mimic Trusted Domains
New homoglyph attack techniques exploit subtle visual similarities in text to spoof trusted domains, steal credentials, and bypass Unicode handling…
-
Malicious Browser Extensions Hijack Users’ AI Chats in New “Prompt Poaching” Attack
A new wave of malicious browser extensions is quietly harvesting sensitive user interactions with AI tools, now widely recognized as…
-
Hackers Implant Stealthy BPFdoor Backdoors in Telecom Networks for Persistent Access
A China-nexus threat actor known as Red Menshen is planting stealthy backdoors deep inside global telecommunications networks. According to a…
-
Hackers Target South Asian Financial Firm with BRUSHWORM and BRUSHLOGGER Attacks
A South Asian financial institution faced compromise due to a custom malware toolkit combining a modular backdoor (BRUSHWORM) and a…
-
TeamPCP Hackers Focus on AI Developers, Planting Malicious Code to Disrupt Projects
The FBI Cyber Division has issued a critical alert following a massive supply chain attack orchestrated by the threat actor…
-
Silver Fox Cyberattack Targets Japanese Businesses with Tax-Themed Phishing Scams
A threat actor known as Silver Fox is targeting Japanese organizations with a new wave of spearphishing attacks timed to…
-
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical code-injection vulnerability discovered within Langflow.…
-
VoidLink Rootkit Leverages eBPF and Kernel Modules to Stealthily Infiltrate Linux Systems
VoidLink is a new Linux rootkit family that combines classic kernel modules with eBPF to hide processes and network activity…
-
GhostClaw AI Malware Targets macOS Users with Credential-Stealing Payloads
GhostClaw, a multi-stage macOS infostealer, now exploits both GitHub repositories and AI-assisted development workflows to steal credentials and deploy secondary…
-
$30 IP-KVM Flaws Could Enable BIOS-Level Enterprise Network Attacks
Recent threat research exposes a critical security crisis with low-cost IP-KVM devices, revealing nine vulnerabilities across four prominent vendors. These…
-
Oblivion RAT Masquerades as Play Store Update to Spy on Android Users
A newly discovered Android remote access trojan (RAT) called Oblivion RAT is raising concerns across the mobile threat landscape. Marketed…
-
MioLab MacOS Stealer Expands With ClickFix, Wallet Theft, Team APIs
As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) demonstrate that Macs…
-
SEO Poisoning Campaign Uses Fake Popular Apps to Deliver AsyncRAT
An ongoing SEO poisoning campaign abuses search results to trick users into downloading trojanized installers for more than 25 popular…
-
VoidStealer Malware Cracks Chrome’s Master Encryption Key with Novel Hardware Breakpoint Technique
An information stealer called VoidStealer employs a novel technique to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key…
-
Copyright Complaint Lures Linked to New PureLog Stealer Credential Theft Wave
Criminals are actively deploying the PureLog Stealer malware through a sophisticated, multi-stage assault campaign that disguises itself as legitimate copyright…