In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on...
RomCom is a RAT – that enables remote access/control over devices to exfiltrate sensitive information for financial gain, now being used in...
A newly found Truebot Malware targets both US and Canada-based organizations to exfiltrate sensitive information by exploiting vulnerabilities in the Netwrix Auditor...
Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in...
The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and...
The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow...
Researchers have pulled back the curtain on an updated version of an Apple macOS malware called RustBucket that comes with improved capabilities...
The cybersecurity researchers at Morphisec Labs have been tracking the GuLoader campaign since April of this year and found that it has...
Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware “represents a significant shift as it...
The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability...
A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive data from infected...
The latest research discovered Andariel, a part of the Lazarus group, introduced several new malware families, such as YamaBot and MagicRat, updated...
A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on...
The latest research unveiled the JavaScript-based droppers, which deliver Bumblebee and IcedID malware instead of PowerShell-based droppers. These two malware types are...
Malicious cyber actors might exploit a known flaw in Microsoft Windows’ secure startup process to bypass Secure Boot protection and run the BlackLotus malware....
Any user who has a Microsoft account is able to communicate with ‘external tenants’ via the usage of Microsoft Teams. Any company...
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct is tracking...
A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the...
A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in Golang called...
Recently, the cybersecurity researchers at CYFIRMA found that hackers are actively using “Mystic Stealer Malware,” a new information stealer. It’s been claimed...
A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70...