Adversaries have orchestrated a sophisticated campaign that uses a multi-stage infection vector to deploy the Remcos RAT, a remote administration tool designed to covertly control compromised systems. Securonix researchers, who identified this offensive, have designated...
The hacking group known as ShinyHunters has claimed responsibility for breaching the infrastructure of Resecurity and exfiltrating internal data. Resecurity, however, maintains that the attackers gained access only to a deliberately constructed decoy—a segregated...
A new open-source project has emerged in the threat-hunting ecosystem, aiming to address one of the discipline’s most persistent pain points: the loss of context once an investigation is over. The Agentic Threat Hunting...
Since early December 2025, SOC teams in Japan have been observing a wave of attacks exploiting React2Shell (CVE-2025-55182)—a remote code execution vulnerability in React/Next.js that already has a public proof of concept and is...
In October 2025, experts at Kaspersky Lab uncovered a new wave of targeted attacks attributed to the ForumTroll group. Whereas earlier campaigns primarily focused on organizations, this iteration shifted its attention to individuals—political scientists,...
A new wave of pressure targeting Israeli professionals linked to the defense sector has moved beyond conventional cyberattacks and into the realm of personal intimidation. A group allegedly connected to Iran has shifted its...
Within cybercriminal circles, the emergence of a new command-and-control framework known as Weyhro C2 has been observed. Its promotion coincides with the activity of a ransomware group bearing the same name, suggesting an effort...
Microsoft has uncovered a new strain of malware, dubbed SesameOp, and released detailed findings on its operation. This backdoor stands out for its unconventional design: its creators leveraged the OpenAI Assistants API as a...
Hacktivists typically move from words to action within a matter of days or weeks after issuing their public threats. This conclusion was drawn by the Kaspersky Lab research team, which analyzed the activities of...
Qilin continues to dominate the ransomware landscape, outpacing all rival groups in the sheer number of documented incidents. According to a recent report from Cyble, the gang struck 104 organizations in August alone, while...