APT36, also known as Transparent Tribe, has launched a new espionage campaign targeting government and defense institutions in India. This Pakistan-linked group, active since at least 2013, has long relied on phishing campaigns and...
The recent vulnerability in Apple’s ecosystem — CVE-2025-43300 — has emerged as one of the most dangerous threats to the company’s users. The flaw was identified in the RawCamera.bundle module, responsible for handling Adobe’s...
The Qilin group, notorious for its ruthless methods of digital extortion, has announced the creation of a so-called “legal department.” The very phrase sounds paradoxical: can one truly speak of a legal mechanism within...
Logan Goins, a researcher at SpecterOps, has unveiled a novel technique for exploiting NTLM authentication that enables adversaries to bypass low-level access restrictions in corporate networks and offload tool execution from an infected workstation....
In the Windsurf Cascade development environment, designed for AI-driven code automation and programmer assistance, a vulnerability has been uncovered, dubbed SpAIware. This flaw allows malicious commands to be implanted into the AI system, stored...
PowerDodder is a post-exploitation persistence utility designed to stealthily embed execution commands into existing script files on the host. By leveraging files that are frequently accessed but rarely modified, it targets high-likelihood execution vectors with...
On August 16, the American company Data I/O—one of the world’s largest electronics manufacturers serving clients such as Amazon, Apple, Google, and Microsoft—fell victim to a ransomware attack. The incident proved so severe that...
A massive cryptocurrency theft has once again revealed how vulnerable users remain to the manipulations of social engineering. On August 19, an anonymous Bitcoin holder was stripped of 783 BTC — roughly $89 million...
Researchers at CrowdStrike have identified a new macOS infection campaign deploying a malware strain known as Shamos. This trojan is a variant of Atomic macOS Stealer (AMOS), a notorious Mac infostealer, and is being...
Researchers at Trellix have uncovered an unusual attack scheme targeting Linux systems, where the key element is not a malicious payload hidden within a file, but the file name itself inside an archive. The...