Researchers at Zscaler ThreatLabz have released a new report on the evolution of the banking trojan Anatsa (also known as TeaBot), first discovered in 2020. This malware targets Android devices and is designed to...
A few days ago, the website DDoSecrets published a data dump allegedly originating from the workstation of an operator involved in a campaign against organizations in South Korea and Taiwan. The author of the...
Researchers from Ctrl-Alt-Int3l have published a detailed analysis of a large-scale operation targeting Vietnamese universities. Their investigation was made possible thanks to open directories where attackers, through a critical oversight, had left behind a...
A new campaign has been observed within the malware-as-a-service (MaaS) ecosystem, where attackers employ a multi-stage delivery chain using PowerShell scripts hosted on external web servers. This technique conceals the final executables, delays investigations,...
APT36, also known as Transparent Tribe, has launched a new espionage campaign targeting government and defense institutions in India. This Pakistan-linked group, active since at least 2013, has long relied on phishing campaigns and...
Researchers at CrowdStrike have identified a new macOS infection campaign deploying a malware strain known as Shamos. This trojan is a variant of Atomic macOS Stealer (AMOS), a notorious Mac infostealer, and is being...
In recent days, Telegram channels and news outlets have been actively circulating reports of an alleged Europol bounty of $50,000 for information leading to the capture of two leaders of the notorious ransomware group...
Experts from Insikt Group have presented the first comprehensive investigation into the activities of affiliates of Lumma Stealer, one of the most widespread families of data-stealing malware. Covering the period from mid-2024 through the first half...
Amid the escalating wave of cyberthreats—particularly from advanced threat groups—one of the most dangerous yet persistently underestimated attack vectors remains almost unchanged: the compromise of user accounts through password guessing. According to the newly...
Experts at Censys have released their State of the Internet 2025 report, focusing on the infrastructure of cybercriminals—specifically Command-and-Control (C2) servers and other tools used to coordinate attacks and maintain access to compromised systems....