On August 21, the Nmap development team unveiled version 7.98 of their legendary tool. At first glance, it might appear to be just another update, yet this release carries particular significance for users of...
The Ministry of Justice of South Korea has announced the extradition of a suspected leader of a transnational hacking group — a 34-year-old Chinese national wanted for a series of high-profile thefts targeting wealthy...
Researchers at Zscaler ThreatLabz have released a new report on the evolution of the banking trojan Anatsa (also known as TeaBot), first discovered in 2020. This malware targets Android devices and is designed to...
A new macOS trojan, emerging on the dark web under the name Mac.c, is rapidly gaining popularity and beginning to compete with one of the underground market’s most notorious threats, AMOS. Analysts at Moonlock...
A few days ago, the website DDoSecrets published a data dump allegedly originating from the workstation of an operator involved in a campaign against organizations in South Korea and Taiwan. The author of the...
A large-scale campaign compromising WordPress websites has been uncovered, tied to the evolution of the Help TDS system and the malicious plugin woocommerce_inputs. According to research from GoDaddy Security, between late 2024 and June...
Researchers from Ctrl-Alt-Int3l have published a detailed analysis of a large-scale operation targeting Vietnamese universities. Their investigation was made possible thanks to open directories where attackers, through a critical oversight, had left behind a...
Experts at Socket have uncovered a malicious Go package named golang-random-ip-ssh-bruteforce, which masquerades as a tool for brute-forcing SSH credentials but in reality exfiltrates them to its author via Telegram. The module’s logic is...
A new campaign has been observed within the malware-as-a-service (MaaS) ecosystem, where attackers employ a multi-stage delivery chain using PowerShell scripts hosted on external web servers. This technique conceals the final executables, delays investigations,...
The hacking collective APT-C-08, also known as TA397 and Bitter, continues to expand its cyber arsenal. Chinese researchers have uncovered a new malicious component belonging to the family of remote access trojans, previously unseen...