A cyber campaign known as Contagious Interview, believed to be linked to North Korean threat actors, is expanding its reach by planting malicious packages across several major developer ecosystems. Security researchers have discovered that the attackers are disguising malware as…
Enterprise identity management is reaching a critical point. As organizations grow and adopt more applications, cloud services, and automation tools, identity systems are becoming fragmented and harder to control. This fragmentation has led to what experts now describe as “identity…
A Russia-linked threat group known as APT28 has launched a new wave of targeted attacks against Ukraine and its international partners, deploying a previously unknown malware framework called PRISMEX. Security researchers report that the campaign has been active since at…
Cybersecurity researchers have uncovered details about a stealth-focused botnet known as Masjesu, a growing threat built to launch distributed denial-of-service (DDoS) attacks while staying under the radar. First appearing around 2023, Masjesu has been promoted on Telegram as a paid…
Cybersecurity researchers have identified a new version of the Chaos malware that is now actively targeting poorly secured cloud environments. This marks a shift from its earlier focus on routers and edge devices to more complex cloud-based infrastructure. According to…
Cybersecurity researchers have uncovered a previously unknown zero-day vulnerability in Adobe Reader that attackers have been actively exploiting through specially crafted PDF files since late 2025. The issue, analyzed by EXPMON researcher Haifei Li, involves a highly advanced PDF-based exploit…
As artificial intelligence tools become easier to access, many employees are starting to use them without approval from their organization’s IT or security teams. While these tools can improve efficiency and help automate daily tasks, they also introduce a growing…
A newly identified threat group, tracked as UAT-10362, has been linked to targeted spear-phishing attacks against organizations in Taiwan, including non-governmental organizations (NGOs) and likely academic institutions. The campaign introduces a previously unseen Lua-based malware named LucidRook. According to research…
Multiple China-Linked Groups Target Southeast Asian Government in Coordinated Operation Cybersecurity researchers have uncovered a large-scale cyber espionage campaign targeting a government organization in Southeast Asia. The operation appears to involve multiple threat groups with ties to China, working in…
CTRL Malware Campaign Uses Fake Files to Trick Windows Users Security researchers have uncovered a new remote access toolkit known as CTRL, believed to be linked to Russian threat actors. The malware is being spread through deceptive Windows shortcut files…
What’s Really Slowing Down Tier 1 Analysts in Modern SOCs? In many Security Operations Centers (SOCs), delays are often blamed on complex threats. But in reality, the bigger issue is usually the process itself. Fragmented workflows, manual triage steps, and…
DeepLoad Malware Spreads Through ClickFix Social Engineering Campaign Security researchers have uncovered a new cyberattack campaign using a deceptive tactic known as ClickFix to spread a previously unknown malware loader called DeepLoad. According to researchers at ReliaQuest, the malware is…
This Week in Cybersecurity: Small Threats, Big Impact This week’s cybersecurity landscape doesn’t come with one major headline, but that doesn’t mean things are quiet. Instead, there’s a steady buildup of smaller threats, many of which are surprisingly effective. Some…
EDR Killers Are Helping Ransomware Bypass Security Defenses A new cybersecurity report has revealed how attackers are increasingly using specialized tools known as EDR killers to shut down security systems before launching ransomware attacks. These tools are designed to disable…
Apple Issues Urgent Warning Over iOS Exploit Attacks Apple is calling on iPhone users running older versions of iOS to update their devices immediately following the discovery of active web-based attacks using exploit kits known as Coruna and DarkSword. These…
Authorities Disrupt Massive IoT Botnets Behind Global DDoS Attacks The U.S. Department of Justice has announced a major operation targeting several large botnets responsible for some of the most powerful distributed denial-of-service (DDoS) attacks ever recorded. The operation focused on…
New Magento Vulnerability Could Lead to Full Store Compromise A serious security issue has been discovered in Magento’s REST API that could let attackers upload malicious files without authentication. If exploited, the flaw could allow hackers to execute code on…
AI Is Changing Cybercrime Faster Than Security Can Adapt Artificial Intelligence is transforming how businesses operate, but it’s also giving cybercriminals new tools to launch smarter and more effective attacks. From phishing emails that feel personal to malware that constantly…
Google Introduces 24-Hour Delay for Android App Sideloading to Boost Security Google has rolled out a new security update for Android that adds a 24-hour waiting period before users can install apps from unverified sources. The move is part of…
INTERPOL Dismantles Major Cybercrime Infrastructure in Global Operation INTERPOL has announced the disruption of a massive cybercrime network after authorities shut down more than 45,000 malicious IP addresses and servers linked to phishing attacks, malware distribution, and ransomware operations. The…
