Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity...
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware...
A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access...
An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own...
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the...
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that...
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to...
A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that’s estimated to have compromised...
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. “The current spike in DarkGate malware activity is plausible...
An updated version of a botnet malware called KmsdBot is now targeting Internet of Things (IoT) devices, simultaneously branching out its capabilities...
The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants....
The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk...
A new financially motivated operation is leveraging a malicious Telegram bot to help threat actors scam their victims. Dubbed Telekopye, a portmanteau...
Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With the rise...
The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. “The...
A recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023, new findings...
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. “These RATs are designed...
A malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab ransomware across...
A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise...
Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit...
The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed...