Researchers at Fortinet FortiGuard Labs have uncovered a new cyber-attack campaign masquerading as communications from the National Police of Ukraine and employing an unusual malware delivery chain. The attackers dispatch emails with SVG attachments...
Experts at Silent Push have released an in-depth study on subdomain rental services, often referred to in documentation and forums as Dynamic DNS. These platforms allow any user to acquire a third-level domain and...
Zscaler ThreatLabz, in its recent report, disclosed the details of a newly observed malware family dubbed YiBackdoor, first detected in June 2025. From the outset, analysts noted substantial source-code commonalities with the IcedID and...
Socket Threat Research has discovered a malicious NPM package named fezbox, published by a user going by janedu. Ostensibly a harmless library, the package conceals an unusually sophisticated payload: it uses a QR code...
GitLab published a report detailing a fresh wave of attacks in which researcher Oliver Smith analyzed a shift in tactics by a North Korean cyber group employing the BeaverTail and InvisibleFerret malware families. The...
Cybercriminals have launched a large-scale campaign against macOS users, disguising malware as popular applications. The alert comes from LastPass, which reported that its own product was among those impersonated. Distribution is carried out through...
The BlackLock group, formerly known as El Dorado, has in recent months established itself as one of the most prominent actors in the ransomware arena. Research by the AhnLab Security Intelligence Center (ASEC) reveals...
MissionEvasion is a sophisticated Windows process injection tool that implements multiple evasion techniques, including registry-based file hiding, process hollowing, and process overwriting. The tool supports both x64 and x86 architectures and provides a flexible...
A phishing campaign targeting figures in the cryptocurrency industry has come to light after researcher José A. Gómez Ledesma of the Quetzal team reported a string of attacks masquerading as invitations to appear on...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about two distinct malware frameworks uncovered within the network of an unnamed organization, following the exploitation of newly disclosed vulnerabilities in Ivanti...
Operators of the SystemBC botnet have assembled a global fabric built on compromised commercial virtual servers, sustaining roughly 1,500 active nodes each day. These machines have been repurposed into an infrastructure for relaying malicious...
Experts from Zscaler ThreatLabz have uncovered two malicious packages in the PyPI repository that, upon installation and import, secretly deploy the SilentSync Python trojan—a threat capable of seizing control of developer environments and exfiltrating...
