Low-profile droppers, long considered auxiliary tools in the arsenals of Android banking trojans and RATs, are undergoing a rapid and troubling transformation. According to ThreatFabric researchers, these once secondary instruments are now being actively...
Researchers at Socket have uncovered a malicious npm package named nodejs-smtp, masquerading as the widely used nodemailer library (which averages 3.9 million weekly downloads). In reality, the package serves as a tool for covert...
A large-scale theft of authentication tokens from Salesloft, developer of the corporate chatbot platform, has triggered a chain reaction of threats across digital infrastructure worldwide. According to a warning from Google, the breach affects...
A security researcher uncovered critical vulnerabilities in the admin panel of Pudu Robotics, China’s largest supplier of commercial service robots. The flaw allowed attackers to redirect robots and issue arbitrary commands. Pudu manufactures over...
Experts at Truesec have reported a large-scale malicious campaign in which attackers promoted a fake PDF-editing application, AppSuite PDF Editor, through Google Ads. Beneath its veneer of legitimacy lurked the TamperedChef infostealer, capable of...
What is it? Pyramid is a set of Python scripts and module dependencies that can be used to evade EDRs. The main purpose of the tool is to perform offensive tasks by leveraging some...
OnionC2 is a command and control (C2) framework with communications over the Tor network. It’s packed with privacy & security features, and operational capabilities. It is simple to set up, and has a friendly user interface....
Researchers at Stripe OLT’s SOC have uncovered a large-scale, targeted phishing campaign aimed at senior executives and top managers across multiple industries. The attackers distribute emails disguised as internal correspondence from HR departments, inviting...
Researchers at Kaspersky Lab have reported the resurgence of ransomware operations by the group OldGremlin, which has once again begun targeting Russian companies. In the first half of 2025, eight major enterprises were compromised,...
The North Korean threat group APT37 (also known as ScarCruft, InkySquid, Reaper, and Ricochet Chollima) has launched a sweeping espionage campaign under the codename Operation HanKook Phantom, targeting government and research organizations in South...