The North Korean-aligned cyber-espionage syndicate Andariel has reasserted its presence through a sophisticated offensive targeting entities across Europe and South Korea. A comprehensive analysis by WithSecure shows that the collective is not merely intensifying...
Microsoft has disclosed a sophisticated sequence of multi-stage incursions leveraging Adversary-in-the-Middle (AiTM) session hijacking in tandem with Business Email Compromise (BEC) methodologies. The offensive specifically targeted entities within the energy sector, with adversaries weaponizing...
In late December 2025, the architects of the renowned text editor EmEditor issued a formal advisory regarding the compromise of the application’s official distribution portal. Malefactors surreptitiously substituted the authentic installer with a deleterious...
Microsoft has issued an urgent, out-of-band security update for Microsoft Office to mitigate a high-stakes zero-day vulnerability that is currently being exploited in live environments. This flaw facilitates the circumvention of native security protocols...
Experts from Trend Micro have identified the pervasive deployment of PeckBirdy, a malevolent JavaScript framework orchestrated by collectives associated with Chinese state apparatuses. This instrument has been operational since at least 2023, utilized in...
Fabricated notifications impersonating the Income Tax Department of India have emerged as the facade for a sophisticated malware campaign, culminating in the deployment of the Blackmoon banking trojan. This offensive specifically targets the Indian...
The American athletic titan Nike has initiated an internal forensic audit following allegations of a substantial corporate data breach. The extortionist syndicate operating under the moniker WorldLeaks has disseminated a curated selection of files...
Adversaries have pioneered a sophisticated method of weaponizing GitHub as a conduit for malware distribution, camouflaging their payloads as legitimate installers for prominent developer utilities. At the epicenter of this campaign is GitHub Desktop;...
In late December 2025, the Polish power grid was besieged by a formidable cyberattack. This incursion, transpiring during the final days of the year, has been characterized by authorities as the most significant assault...
Threat actors persist in exploiting a critical vulnerability within VMware vCenter Server, notwithstanding the fact that the remediating patch was disseminated over a year ago. Broadcom has substantiated that this flaw is currently being...