The threat group TAG-150, which researchers associate with the development of the CastleLoader malware, has expanded its arsenal with a new remote access trojan (RAT) known as CastleRAT. The discovery was reported by Recorded...
Cybercriminals have launched a new wave of attacks that employ SVG files as carriers for phishing pages. According to researchers at VirusTotal, the attackers disguise themselves as representatives of the Colombian Prosecutor’s Office, distributing...
Cybercriminals have discovered a method to bypass X’s restrictions on posting links by exploiting its built-in assistant, Grok. The technique was revealed by Guardio Labs, with anomalies and screenshots documented by an X user....
The APT group Silver Fox has integrated a previously unknown vulnerable driver, WatchDog Antimalware, signed by Microsoft, into its attack chains. Exploiting this driver, the attackers disable defenses even on fully updated Windows 10...
Low-profile droppers, long considered auxiliary tools in the arsenals of Android banking trojans and RATs, are undergoing a rapid and troubling transformation. According to ThreatFabric researchers, these once secondary instruments are now being actively...
Researchers at Socket have uncovered a malicious npm package named nodejs-smtp, masquerading as the widely used nodemailer library (which averages 3.9 million weekly downloads). In reality, the package serves as a tool for covert...
Experts at Truesec have reported a large-scale malicious campaign in which attackers promoted a fake PDF-editing application, AppSuite PDF Editor, through Google Ads. Beneath its veneer of legitimacy lurked the TamperedChef infostealer, capable of...
Experts at ReversingLabs have uncovered a critical loophole in the VS Code Marketplace. The platform allows new extensions to be published under the same names previously used by other packages, provided those packages were...
The group ShadowSilk has been identified as the orchestrator of a new wave of cyberattacks against government institutions across Central Asia and the Asia-Pacific region. According to Group-IB, the number of victims is approaching...
The NPM ecosystem has been struck by a new supply chain attack, this time targeting the Nx project, into whose repository several malicious package versions were uploaded late Tuesday evening. According to researchers at...
In August of this year, specialists from Israel’s National Digital Agency uncovered a large-scale campaign known as ShadowCaptcha, designed to compromise users through more than a hundred hacked WordPress websites. These sites had been...
Openness has long been the defining distinction between Android and the iPhone, yet in recent years Google has steadily shifted the balance toward security. Now the company is preparing its most radical step yet...
