A new tool for disabling EDR systems has emerged in the cybercriminal underground, which Sophos researchers regard as an evolution of the EDRKillShifter utility. Its use has already been documented in attacks by eight...
For nearly a year, a malicious module known as Plague evaded detection by Linux security solutions, despite its active proliferation and deep entrenchment within one of the system’s most critical components—the authentication stack. Its...
The GreyNoise team has uncovered a disquieting pattern: in 80% of cases, anomalous spikes in suspicious internet activity occur prior to the official disclosure of new vulnerabilities (CVEs). These are not coincidences or random...
An unusual attack targeting Linux servers has unveiled a new echelon of malware obfuscation—and possibly, its artificial origin. Researchers at AquaSec have documented a threat dubbed Koske, which hides within seemingly innocuous images of...
In the first half of 2025, researchers observed the active exploitation of a new malware loader known as CastleLoader. Since its emergence, this tool has become a central element in the distribution infrastructure for...
Following a sweeping law enforcement operation in May—which dismantled over 2,300 domains and disrupted portions of its infrastructure—the malicious Lumma platform is once again exhibiting a resurgence in activity. Despite the significant blow, the...
A team of analysts at Kaspersky Lab has uncovered an exceptionally sophisticated piece of malware embedded within the Exchange infrastructure of governmental institutions. Based on forensic logs and the nature of the executable code,...
Attacks targeting outdated SonicWall SMA 100 devices have once again exposed the fragility of network perimeters often overlooked by conventional security systems. According to the Google Threat Intelligence Group (GTIG), a targeted campaign employing...
The hacker group UAC-0226 continues to aggressively evolve its malicious tool GIFTEDCROOK, which initially functioned as a browser data-stealing utility but has now acquired advanced capabilities, enabling the targeted exfiltration of confidential documents and...
In a sweeping espionage campaign dubbed LapDogs, over a thousand small office and home office devices were compromised. Researchers from the STRIKE team at SecurityScorecard reported that the attack was linked to Chinese threat...