The Lazarus hacking group has resurfaced—this time targeting European defence firms engaged in unmanned aerial systems development. ESET traces the activity to the DreamJob campaign, attributed to North Korea, which habitually employs bogus job...
The PhantomCaptcha operation proved to be one of the most sophisticated phishing campaigns of recent months, directed at humanitarian and administrative organizations. According to SentinelLabs, the attackers orchestrated a meticulously crafted scheme, masquerading as...
A widespread exploitation campaign has descended upon WordPress sites: attackers are targeting installations that use the GutenKit and Hunk Companion plugins, which harbor critical flaws permitting arbitrary code execution on vulnerable servers. Wordfence, a...
Researchers at SquareX have published a comprehensive report on a newly discovered vulnerability known as AI Sidebar Spoofing—a novel class of attacks that leverages malicious browser extensions disguised as AI sidebar interfaces. This technique...
The malicious modification of Telegram X, discovered by specialists at Doctor Web, turned out to be far more than a simple espionage tool—it is a fully fledged platform for the covert takeover and remote...
Trend Research has detailed a new wave of attacks carried out by the Agenda ransomware group, which has developed the ability to execute a Linux variant of its encryptor within Windows-based environments. This tactic...
Amid the declining effectiveness of traditional malware delivery channels, cybercriminals are increasingly turning to platforms never intended for such purposes. The Check Point Research team has uncovered a vast, distributed network of malicious YouTube...
The South Korean government has announced a sweeping inspection of 1,600 IT systems across the sectors of public administration, finance, and telecommunications, following a series of high-profile data breaches that have sparked public outcry...
The U.S. Department of Justice has charged 31 individuals, including alleged members of organized crime and former NBA players, in connection with a large-scale poker fraud scheme that exploited hacked Deckmate 2 automatic card...
Hackers have begun actively exploiting a newly disclosed vulnerability in the Windows Server Update Services (WSUS) component. The flaw, tracked as CVE-2025-59287, already has a publicly available proof-of-concept (PoC) exploit, dramatically increasing the likelihood...