The recent subjugation of a ubiquitous Python library dedicated to communications has starkly illuminated the profound fragility inherent within the open-source supply chain. Venomous architecture was surreptitiously woven into the official Telnyx Python SDK—a...
The sophisticated threat actor APT28 has commenced the exploitation of a nascent Microsoft Office vulnerability almost immediately following its public disclosure. According to researchers, these incursions were initiated within a mere three-day window, primarily...
A security researcher has demonstrated an unconventional scenario in which the popular dating app Hinge can be repurposed into an improvised command-and-control server—an infrastructure through which attackers could issue commands to malware and exfiltrate...
A hacking group operating under the name DarkSpectre has, for seven years, systematically infected the computers of users running Chrome, Edge, and Firefox browsers. According to Koi Security, more than 8.8 million unique devices...
As part of a large-scale malware campaign dubbed Operation Artemis, the North Korean hacking group APT37—also known as ScarCruft—employed sophisticated attack techniques leveraging South Korea’s HWP word processor and DLL side-loading. The operation targeted...
Researchers at Koi Security have identified a new malicious campaign dubbed GhostPoster, targeting users of the Firefox browser. As part of the operation, attackers distributed extensions that appeared harmless and even amassed tens of...
Midway through this year, specialists at Arctic Wolf uncovered a sprawling malicious campaign that spread across South America, Africa, and Eastern Europe. At its core lay a tool of Brazilian origin known as Caminho...
StegoScan.py is a powerful, next-generation tool for automated steganography detection in websites, web servers, and local directories, integrating AI-driven object and text recognition with deep file analysis. Unlike traditional steganography detection tools that focus...
McAfee researchers have reported a renewed campaign by the banking trojan Astaroth, which has begun abusing GitHub as a resilient channel for delivering configuration data. By leveraging a legitimate platform in this way, attackers...
Socket Threat Research has discovered a malicious NPM package named fezbox, published by a user going by janedu. Ostensibly a harmless library, the package conceals an unusually sophisticated payload: it uses a QR code...
A sprawling advertising-fraud operation known as SlopAds hid behind a storefront of hundreds of seemingly innocuous Android apps and ballooned into a global enterprise. Researchers at Satori (HUMAN) recently described how 224 programs amassed...
Acronis researchers have reported a fresh campaign that employs a modified FileFix technique to deliver the StealC data stealer. The attackers staged a convincing, multilingual phishing operation that forges pages for various services —...
