Researchers from the Lat61 Threat Intelligence Team have published a comprehensive analysis of Raven Stealer, a lightweight, furtive infostealer written in Delphi and C++. The report details its credential-theft capabilities, methods for clandestine exfiltration...
Developers of the PureHVNC remote-access trojan have adopted a new level of concealment, brazenly using GitHub to host source code and modules for their malicious toolkit. That is the conclusion of Check Point Research...
The newly discovered Python trojan XillenStealer, identified by researchers at Cyfirma, poses a grave threat to Windows users. Engineered to harvest system information, stored credentials, and cryptocurrency wallets, it also bundles an array of...
A dangerous worm dubbed Shai-Hulud has been uncovered in the JavaScript ecosystem, infecting at least 187 packages in the NPM repository. What sets it apart is that it not only steals developer credentials but...
A sprawling advertising-fraud operation known as SlopAds hid behind a storefront of hundreds of seemingly innocuous Android apps and ballooned into a global enterprise. Researchers at Satori (HUMAN) recently described how 224 programs amassed...
Acronis researchers have reported a fresh campaign that employs a modified FileFix technique to deliver the StealC data stealer. The attackers staged a convincing, multilingual phishing operation that forges pages for various services —...
Researchers at Socket have disclosed a new attack against the npm ecosystem, in which more than 40 packages were discovered to be laced with embedded malicious code. The compromise mechanism was meticulously engineered: it...
In the second quarter of 2025, experts at HP Wolf Security documented a wave of sophisticated attacks in which adversaries employed unconventional living-off-the-land (LOTL) tactics to evade detection. Multiple obscure system utilities were brought...
Experts at Mosyle have uncovered a new strain of malware, named ModStealer, which has proven entirely invisible to antivirus solutions. The program was first uploaded to VirusTotal nearly a month ago without triggering a...
Chinese-language users became the target of a new SEO poisoning campaign that spread malware through counterfeit download sites for popular applications. Fortinet’s FortiGuard Labs reports that threat actors elevated malicious pages in Google results...
A new campaign leveraging the EvilAI malware, tracked by researchers at Trend Micro, has demonstrated how artificial intelligence can be weaponized as a tool of cybercrime. In recent weeks, dozens of infections have been...
The hacker collective WhiteCobra has launched a large-scale campaign targeting users of popular code editors including VS Code, Cursor, and Windsurf. Researchers at Koi Security uncovered 24 malicious extensions hosted on official repositories such...
