Experts at Palo Alto Networks Unit 42 have uncovered a new malicious campaign orchestrated by the threat actor group known as Gold Melody. This group specializes in gaining unauthorized access to corporate systems and...
An attack on the Visual Studio Code extension known as Ethcode has compromised the security of more than 6,000 developers worldwide. The incident stemmed from the insertion of malicious code into this widely used...
At first glance, it appeared to be a typical browser extension — a sleek interface, a simple and intuitive color-picking function, high user ratings, and hundreds of glowing reviews. Yet behind this seemingly benign...
According to a report by Morphisec, the Iranian threat group Pay2Key.I2P has intensified its operations amid escalating tensions in the Middle East. The group is now offering larger payouts to hacker affiliates who participate...
Malicious software has once again surfaced on the official Google Play Store, masquerading as an innocuous utility. This time, the campaign targeted North America, where the Android banking trojan known as Anatsa—also referred to...
Malicious actors are increasingly leveraging digitally signed drivers to carry out stealthy attacks on the Windows kernel, circumventing standard security mechanisms and enhancing their ability to remain undetected. Despite the presence of safeguards such...
The development team behind the Shellter tool—a utility designed to evade antivirus and EDR detection—has confirmed that their product has fallen into the hands of malicious actors. At the same time, they have accused...
Since July 2024, Russia has been the target of a large-scale, highly targeted cyber campaign employing a previously unknown espionage tool named Batavia. According to Kaspersky Lab, the attacks have been directed at industrial...
The emergence of a new tool known as RingReaper has sparked concern among cybersecurity experts and penetration testing teams alike. This program leverages a legitimate yet highly potent Linux kernel feature called io_uring to...
A hacker group with affiliations beyond Pakistan has once again drawn attention following its attacks on Indian government entities. According to researchers at Recorded Future, the activity is attributed to the cyber threat group...
Experts at Wiz have identified a new wave of attacks targeting TeamCity servers—a widely used platform for orchestrating CI/CD workflows. Threat actors exploited a misconfigured Java Debug Wire Protocol (JDWP) interface, enabling remote command...
Experts at Koi Security have identified over 40 malicious extensions for the Mozilla Firefox browser, specifically crafted to steal data from cryptocurrency wallets. These add-ons pose a significant threat to the security of users’...
A threat group linked to the Democratic People’s Republic of Korea (DPRK) is intensifying its attacks on companies operating in the Web3 and cryptocurrency sectors, deploying malware crafted in the Nim programming language. These...
Cybercriminals have launched a new wave of attacks targeting WordPress websites—so meticulously concealed that the campaign was only recently uncovered. Security experts at Sucuri have discovered that compromised websites are being used as silent...
The Swiss foundation Radix, engaged in healthcare-related initiatives, has fallen victim to a ransomware attack. As a result of the cyber intrusion, the perpetrators exfiltrated and encrypted data, which was later disseminated on the...
The hacker group UAC-0226 continues to aggressively evolve its malicious tool GIFTEDCROOK, which initially functioned as a browser data-stealing utility but has now acquired advanced capabilities, enabling the targeted exfiltration of confidential documents and...
