Experts at Doctor Web have identified a new click-fraud trojan, Trojan.ChimeraWire, which disguises itself as the activity of a real user and artificially boosts website engagement metrics in search results. Infected Windows machines automatically...
The financially motivated group Storm-0249, long known as a broker of initial access for ransomware operators, has markedly refined its tradecraft, triggering a new wave of alarm among cybersecurity professionals. Analysts at ReliaQuest have...
A newly discovered vulnerability in Node.js, designated CVE-2025-55182 and informally dubbed React2Shell, has become a favored weapon of botnets within mere days of its disclosure. Operators are now launching widespread attacks against vulnerable web...
The widow of Saudi dissident journalist Jamal Khashoggi has filed a complaint with the French prosecutor’s office, alleging that her phone was infected with Israeli spyware shortly before her husband’s murder. Hanan Elatr Khashoggi...
The International Criminal Court has released a draft policy aimed at confronting crimes committed through digital technologies. The document responds to the growing role of cyber capabilities and artificial intelligence in perpetrating grave international...
DllShimmer Weaponize DLL hijacking easily. Backdoor any function in any DLL without disrupting normal process operation. How it works DllShimmer parses the original DLL and extracts information about exported functions (name, ordinal number, and...
DumpGuard is a credential dumping tool that can extract the NTLMv1 hashes of users on modern Windows systems. The tool relies on the Remote Credential Guard protocol, and allows credential dumping even when Credential Guard is enabled on...
Researchers from Howler Cell have detailed an underground marketplace for compromised websites operated by students and freelancers across Asia. At the center of their latest report is a cybersecurity student from Bangladesh who aspires...
APT-C-53 has once again intensified its distribution of malicious attachments targeting organizations in Ukraine. The latest wave of attacks demonstrates that the group continues to refine its stealth-penetration toolkit and to update its initial-access...
The launch of the IPCola service on underground forums in 2023 initially appeared to be yet another proxy marketplace, but the scale of the advertised address pool and the origins of its traffic quickly...
On Monday, Warby Parker and Google announced that they are preparing to release AI-powered smart glasses, with the first model slated for 2026. The product is envisioned as an alternative to offerings from Apple...
At the beginning of the year, Japan was shaken by a scandal surrounding a major data breach involving the Kaikatsu Club internet café chain. Law enforcement authorities identified a minor from Osaka Prefecture who,...
