variant
-
LOTUSLITE: How Mustang Panda is Weaponizing Trusted Binaries Against the Banking Sector
In a sophisticated display of “living off the land” tradecraft, threat actors are increasingly leveraging Microsoft-signed developer tools to mask…
Read More » -
The Rise of ‘Gentlemen’: A Multi-Platform RaaS Threat Targeting Enterprise Infrastructure
The ransomware landscape is witnessing the rapid ascent of a sophisticated Ransomware-as-a-Service (RaaS) operation known as Gentlemen. Unlike many opportunistic…
Read More » -
From Dundee to Federal Custody: UK Man Stole $8M via SMiShing and SIM Swaps
When we talk about cyber intrusions, we often think of complex code or zero-day exploits. However, as the recent case…
Read More » -
Nexcorium: Aggressive Mirai Botnet Exploits Critical IoT Vulnerability
A new Mirai malware variant dubbed Nexcorium is actively compromising unpatched Internet of Things (IoT) devices, with attackers exploiting a…
Read More » -
Exploitation of CVE-2026-39987 in Marimo: A Multi-Stage Attack Campaign Targeting AI/ML Developer Infrastructure
Threat actors are actively exploiting CVE-2026-39987, a critical pre-authentication remote code execution (RCE) vulnerability in the marimo Python notebook platform,…
Read More » -
OpenAI Launches GPT-5.4-Cyber to Bolster Cyber Defenses
OpenAI has introduced GPT-5.4-Cyber, a purpose-built variant of its flagship GPT-5.4 model, fine-tuned specifically for advanced defensive cybersecurity workflows. The…
Read More » -
New PlugX USB Worm Variant Spreads Globally Using Stealthy DLL Sideloading Techniques
A new variant of the PlugX USB worm is causing renewed concern as it spreads across several continents, leveraging DLL…
Read More » -
Janela RAT: Financial Cybercrime Campaign Using Fake MSI Installers and Malicious Browser Extensions
Janela Remote Access Trojan (RAT) campaigns leverage fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and…
Read More » -
APT37 Campaign: Social Engineering via Facebook & Tampered PDFelement Targets Defense Sector
North Korea-linked threat actor APT37 is conducting a sophisticated intrusion campaign that weaponizes Facebook and Telegram to deliver a tampered…
Read More » -
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns
North Korea’s cyber operations have evolved from a monolithic structure to a modular, portfolio-style ecosystem. This design ensures resilience, making…
Read More » -
ClickFix Evades PowerShell Detection via Rundll32 and WebDAV
A new ClickFix attack variant has been identified that evades detection by shifting execution away from PowerShell and mshta towards…
Read More » -
VoidLink Rootkit Leverages eBPF and Kernel Modules to Stealthily Infiltrate Linux Systems
VoidLink is a new Linux rootkit family that combines classic kernel modules with eBPF to hide processes and network activity…
Read More »