Amid escalating tensions between Iran and Israel, cybersecurity experts at Lookout have uncovered a new Android-based spyware known as DCHSpy, which has been linked to Iran’s Ministry of Intelligence and Security (MOIS). This malicious...
Earlier this year, Microsoft published a study exposing a sweeping campaign involving the distribution of infostealers—malicious software designed to exfiltrate user data. According to the report, over one million devices were compromised, with the...
Three malicious scripts have been discovered in the Arch User Repository (AUR)—a community-driven repository for Arch Linux user packages—used to deploy the CHAOS RAT trojan. These scripts, uploaded by a user operating under the...
Until recently, victims of the Phobos and 8Base ransomware families had virtually no recourse for recovering their encrypted data without paying a ransom. These strains were considered among the most resilient and widely deployed...
A team of analysts at Kaspersky Lab has uncovered an exceptionally sophisticated piece of malware embedded within the Exchange infrastructure of governmental institutions. Based on forensic logs and the nature of the executable code,...
In April 2025, cybersecurity experts from Cisco Talos uncovered a new threat vector: cybercriminals exploiting public repositories on GitHub to host malicious payloads used in distributing the Amadey trojan. According to researchers, the creation...
Google has filed a lawsuit against the unidentified operators of the malicious botnet BadBox 2.0, accusing them of orchestrating a large-scale advertising fraud scheme that directly targeted the company’s own platforms. According to the...
The Akira ransomware group has intensified its operations, adding data from 12 new companies to its dark web leak portal within just three days—from July 15 to 17, 2025. This surge in attacks targeted...
Researchers at VulnCheck have uncovered a new malicious campaign exploiting the CVE-2021-41773 vulnerability in Apache HTTP Server version 2.4.49. This flaw enables remote code execution by bypassing path traversal protections, allowing attackers to access...
A newly discovered version of the SquidLoader malware has surfaced during a targeted attack on institutions in Hong Kong, sparking significant concern within the financial sector. Of particular alarm is its near-complete evasion of...
Attacks targeting outdated SonicWall SMA 100 devices have once again exposed the fragility of network perimeters often overlooked by conventional security systems. According to the Google Threat Intelligence Group (GTIG), a targeted campaign employing...
The latest iteration of the Matanbuchus malware loader, designated version 3.0, has drawn particular scrutiny from cybersecurity experts due to its significant enhancements aimed at evading detection and bypassing modern defensive systems. Originally introduced...
The latest iteration of the Android malware known as Konfety has grown even more insidious. Researchers at Zimperium zLabs have uncovered a refined variant that employs unconventional ZIP archive structures and encrypted, runtime-loaded code....
AsyncRAT, first introduced on GitHub in January 2019, has evolved into one of the most formidable tools in the cybercriminal arsenal. Its open-source architecture, written in C#, has laid the foundation for a multitude...
Hackers have devised a method to conceal malware in places where detection is nearly impossible—in DNS records that map domain names to IP addresses. This technique enables the delivery of malicious binaries without relying...
Cybercriminals have begun leveraging GitHub to disseminate dangerous spyware disguised as a free VPN service. The malicious campaign, uncovered by researchers at Cyfirma, masqueraded as a program called “Free VPN for PC.” Instead of...
