Category: Information Security
Researchers from Ctrl-Alt-Int3l have published a detailed analysis of a large-scale operation targeting Vietnamese universities. Their investigation was made possible by open directories in which the attackers, through a critical oversight, had left behind a...
Experts at Socket have uncovered a malicious Go package named golang-random-ip-ssh-bruteforce, which masquerades as a tool for brute-forcing SSH credentials but in reality exfiltrates them to its author via Telegram. The module’s logic is...
A new campaign has been observed within the malware-as-a-service (MaaS) ecosystem, where attackers employ a multi-stage delivery chain using PowerShell scripts hosted on external web servers. This technique conceals the final executables, delays investigations,...
The hacking collective APT-C-08, also known as TA397 and Bitter, continues to expand its cyber arsenal. Chinese researchers have uncovered a new malicious component belonging to the family of remote access trojans, previously unseen...
APT36, also known as Transparent Tribe, has launched a new espionage campaign targeting government and defense institutions in India. This Pakistan-linked group, active since at least 2013, has long relied on phishing campaigns and...
The recent vulnerability in Apple’s ecosystem — CVE-2025-43300 — has emerged as one of the most dangerous threats to the company’s users. The flaw was identified in the RawCamera.bundle module, responsible for handling Adobe’s...
The Qilin group, notorious for its ruthless methods of digital extortion, has announced the creation of a so-called “legal department.” The very phrase sounds paradoxical: can one truly speak of a legal mechanism within...
Logan Goins, a researcher at SpecterOps, has unveiled a novel technique for exploiting NTLM authentication that enables adversaries to bypass low-level access restrictions in corporate networks and offload tool execution from an infected workstation....
In the Windsurf Cascade development environment, designed for AI-driven code automation and programmer assistance, a vulnerability has been uncovered, dubbed SpAIware. This flaw allows malicious commands to be implanted into the AI system, stored...
On August 16, the American company Data I/O—one of the world’s largest electronics manufacturers serving clients such as Amazon, Apple, Google, and Microsoft—fell victim to a ransomware attack. The incident proved so severe that...
A massive cryptocurrency theft has once again revealed how vulnerable users remain to the manipulations of social engineering. On August 19, an anonymous Bitcoin holder was stripped of 783 BTC — roughly $89 million...
Researchers at CrowdStrike have identified a new macOS infection campaign deploying a malware strain known as Shamos. This trojan is a variant of Atomic macOS Stealer (AMOS), a notorious Mac infostealer, and is being...