Adversaries no longer find it requisite to engineer sophisticated malware from its inception. Frequently, the appropriation of a pre-existing utility from GitHub, utilized in its native state, suffices. This paradigm was vividly illustrated in...
In the waning days of February 2026, cyber adversaries inaugurated a nascent campaign characterized by an unorthodox stratagem: the dissemination of malignant Windows artifacts via the ubiquitous channels of WhatsApp. The calculus was elegantly...
A security researcher operating under the pseudonym Magic Claw has inaugurated LOLAPI, a structured compendium of systemic APIs frequently subverted by adversaries in orchestrated incursions. This repository serves as a profound knowledge base, elucidating...
Notifications regarding Booking.com cancellations involving substantial financial transactions appear as mere routine for hospitality providers. Yet, such correspondence serves as the harbinger for a sophisticated malicious campaign tracked by Securonix researchers under the moniker...
Romania’s National Administration of Water Resources has fallen victim to a large-scale cyberattack that resulted in the encryption of roughly one thousand workstations and servers. The breach occurred over the past weekend and affected...
For more than a year, a Chinese hacking group had been covertly exploiting an ArcGIS server as a clandestine access channel, transforming it into a resilient point of persistence. The campaign, uncovered by ReliaQuest...
In the second quarter of 2025, experts at HP Wolf Security documented a wave of sophisticated attacks in which adversaries employed unconventional living-off-the-land (LOTL) tactics to evade detection. Multiple obscure system utilities were brought...