Cybersecurity researchers have uncovered 11 malicious Go packages designed to download additional components from remote servers and execute them on both Windows and Linux systems. According to Socket researcher Olivia Brown, during execution the...
Two malicious packages have been discovered in the NPM ecosystem, disguised as libraries for building bots and automated services using the WhatsApp Business API. Identified by researchers at Socket, these modules mimicked popular WhatsApp...
Akira ransomware attacks are growing ever more sophisticated: threat actors have begun exploiting a legitimate Intel CPU tuning driver to disable Windows’ built-in protections. The driver in question—rwdrv.sys, part of the ThrottleStop utility—is registered...
Although humans have traditionally been regarded as the weakest link in the cybersecurity chain, a new study by Canadian researchers reveals that even untrained individuals can effectively detect malicious software when provided with minimal...
Over the past year, a social engineering technique known as ClickFix has witnessed a meteoric rise, propelled by a fusion of unique delivery methods, persuasive narratives, and sophisticated evasion tactics. According to analysts at...
A large-scale campaign exploiting a chain of vulnerabilities in Microsoft SharePoint continues to escalate—this time with the active involvement of ransomware groups. During an investigation into a series of coordinated attacks, researchers at Palo...
A new large-scale threat has emerged on the Android horizon, dubbed PlayPraetor—a sophisticated piece of malware capable of seizing full control over compromised devices. To date, over 11,000 devices have fallen under its sway,...
For nearly a year, a malicious module known as Plague evaded detection by Linux security solutions, despite its active proliferation and deep entrenchment within one of the system’s most critical components—the authentication stack. Its...
A malicious package discovered in the NPM ecosystem by researchers at Safety turned out to be far more than a simple trojan for cryptocurrency theft—it stood as a striking example of an attack orchestrated...
Cyberattacks in the first half of 2025 have accelerated to a terrifying new pace. From credential theft and ransomware assaults to leaks of sensitive information and mass session hijackings, nearly every metric in Flashpoint’s...
Experts at the Genians Security Center have uncovered a sophisticated new variant of the RoKRAT malware, attributed to the North Korean threat group APT37. This latest iteration employs an unusually covert method of hiding...
In late 2024, a new ransomware strain named FunkSec emerged on the cybercrime scene. It quickly drew attention due to its aggressive tactics and unconventional implementation. Within a short span, dozens of organizations across...
Since mid-July, a surge in ransomware attacks leveraging the Akira strain has been observed, specifically targeting SonicWall devices. According to cybersecurity firm Arctic Wolf, threat actors have been actively exploiting SSL VPN connections on...
Experts at Darktrace have identified a targeted cyberattack against an American chemical company, in which the perpetrators exploited a critical vulnerability in the SAP NetWeaver platform. Tracked as CVE-2025-31324, the flaw stemmed from an...
A new wave of attacks leveraging the XWorm malware vividly illustrates how far threat actors have advanced in crafting tools that are both resilient to detection and resistant to analysis. The variant identified by...
Amid the continued proliferation of Android-targeting malware, researchers at Cyble Research and Intelligence Labs (CRIL) have identified a sophisticated new threat dubbed RedHook. First observed in January 2025, this banking Trojan exhibits a particularly...
