A new multifunctional Windows trojan dubbed NANOREMOTE leverages a cloud-based file storage service as a covert command-and-control hub, complicating detection while providing attackers with a resilient channel for data exfiltration and the delivery of...
A new Android malware known as Droidlock turns an infected smartphone into a device fully controlled by attackers. The malware locks the screen with a ransom banner, steals application lock codes, and gains access...
A new technique dubbed “ConsentFix” expands upon the already known ClickFix social engineering attack, enabling the hijacking of Microsoft accounts without passwords or multi-factor authentication. To achieve this, attackers exploit the legitimate Azure CLI...
In the source code of the forthcoming Linux 6.19 kernel, a function with a controversial name has been removed to bring the project’s terminology into line with current guidelines on inclusive language. The function...
Gladinet is facing fresh trouble once again: vulnerabilities have been uncovered in its CentreStack and Triofox products stemming from embedded, hardcoded cryptography. According to Huntress, the AES implementation relies on fixed keys, allowing attackers...
Notepad++ has released version 8.8.9 to remediate a weakness in its WinGUp (GUP.exe) update mechanism. Researchers and users had reported incidents in which the updater, instead of fetching a legitimate installer, downloaded and executed...
One of the cybersecurity industry’s most frequently cited “benchmarks” has once again made the rounds in slide decks and marketing brochures: MITRE has published the results of its 2025 ATT&CK Evaluations for enterprise security...
Researchers at Kaspersky Lab have published an in-depth study on how to detect the presence within corporate networks of Mythic, one of the most widely used tools employed by attackers to manage compromised systems. Mythic...
Researchers from Stanford and their collaborators conducted an unconventional experiment: they compared how ten seasoned professional penetration testers and a suite of autonomous AI agents performed in a real corporate-style pentest. The test was...
Immediately following the public disclosure of a critical vulnerability in React Server Components, threat actors began exploiting it in attacks against organizations across multiple industries. The Huntress team reports that the flaw is an...
A new ransomware strain known as 01flip, written in Rust, has begun appearing with increasing frequency in attacks against organizations across the Asia-Pacific region. According to Palo Alto Networks’ Unit 42, the activity has...
A newly released open-source project has drawn the attention of the technical community for its attempt to circumvent modern workstation protection mechanisms. A developer using the alias hwbp has published a framework called LazyHook...