Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware...
An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own...
The United States government said today that a multinational law enforcement operation has destroyed Qakbot, also known as QBot, an infamous botnet...
A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that’s estimated to have compromised...
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. “The current spike in DarkGate malware activity is plausible...
An updated version of a botnet malware called KmsdBot is now targeting Internet of Things (IoT) devices, simultaneously branching out its capabilities...
The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk...
The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. “The...
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. “These RATs are designed...
A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise...
Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit...
The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed...
Threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis. That’s according to findings...
The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus the previous...
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that’s capable of capturing sensitive information from compromised...
An unknown threat actor has been linked to a cyber attack on a power generation company in southern Africa with a new...
Malicious actors are using a legitimate Rust-based injector called Freeze[.]rs to deploy a commodity malware called XWorm in victim environments. The novel...
The TargetCompany ransomware (aka Mallox, Fargo, and Tohnichi) is actively targeting the organizations that are using or running vulnerable SQL servers. Apart...
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023....
A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal...
Vulnerable Redis services have been targeted by a “new, improved, dangerous” variant of a malware called SkidMap that’s engineered to target a...