Microsoft has uncovered a new strain of malware, dubbed SesameOp, and released detailed findings on its operation. This backdoor stands out for its unconventional design: its creators leveraged the OpenAI Assistants API as a...
The story of one of the most notorious cyberthreats of the past decade has taken an unexpected turn. The developer behind the ZeroAccess botnet—which once infected millions of devices across the globe—has resurfaced years...
Following the end of official support for Windows 10, an increasing number of users have been seeking ways to upgrade to Windows 11, even on devices that technically fail to meet Microsoft’s new system...
Across Eastern Europe, security researchers have observed a sharp surge in malicious Android applications exploiting contactless data transfer technologies to steal banking information. According to Zimperium, more than 760 apps have been detected in...
Microsoft is introducing an additional layer of protection in its Edge browser to defend users against scareware scams—malicious webpages that mimic system virus alerts and urge victims to call a so-called “support hotline.” The...
The Australian government has issued a warning about active cyberattacks targeting unprotected Cisco IOS XE devices used across corporate and government networks. According to the Australian Signals Directorate (ASD), attackers continue to infect routers...
For over a year, programmer Harishankar Narayanan had been using his iLife A11 robot vacuum without incident—until he noticed that the device was constantly transmitting data to servers in China. When he attempted to...
In September and October, researchers at Arctic Wolf Labs uncovered a new wave of cyber-espionage targeting the diplomatic institutions of Hungary and Belgium. According to their findings, the campaign was orchestrated by the Chinese...
The Eclipse Foundation has revoked several compromised access tokens associated with publishing extensions to the open Open VSX repository. The investigation was prompted by a report from Wiz, a company specializing in cloud security....
A sharp surge in attacks targeting PHP servers, Internet of Things (IoT) devices, and cloud gateways has been recorded by researchers from the Qualys Threat Research Unit (TRU). According to their findings, the escalation...
The ongoing PhantomRaven campaign has targeted developers via the npm registry, disseminating dozens of malicious packages across the ecosystem in a short span. Embedded within these packages, malicious code harvests authentication tokens, CI/CD secrets,...
Midway through this year, specialists at Arctic Wolf uncovered a sprawling malicious campaign that spread across South America, Africa, and Eastern Europe. At its core lay a tool of Brazilian origin known as Caminho...
