New Analysis Reveals LockBit 5.0’s Core Features and Dual-Stage Attack Model
LockBit has remained one of the most dominant ransomware-as-a-service (RaaS) groups in the world since its emergence as ABCD ransomware in 2019 and official launch…
Month: November 2025
Fake CAPTCHA sites now have tutorial videos to help victims install malware
Early on in 2025, I described how criminals used fake CAPTCHA sites and a clipboard hijacker to provide instructions for website visitors that would effectively…
CVE-2025-12779: Amazon WorkSpaces Linux Vulnerability
A newly disclosed security flaw in the Amazon WorkSpaces client for Linux has raised serious concerns across organizations relying on AWS virtual desktop infrastructure. The vulnerability, identified as CVE-2025-12779, enables local…
Exploiting JWT Vulnerabilities: Advanced Exploitation Guide
Before JSON Web Tokens (JWTs) became popular in today’s app development landscape, web applications predominantly used server-side sessions, which presented horizontal scalability issues. JWTs solved…
New Analysis Uncovers LockBit 5.0 Key Capabilities and Two-Stage Execution Model
LockBit 5.0 made its debut in late September 2025, marking a significant upgrade for one of the most notorious ransomware-as-a-service (RaaS) groups. With roots tracing…
Weaponized Videos Trigger Self-Infection Tactics
ClickFix attacks have surged dramatically over the past year, cementing their position as pivotal tools in the modern attacker’s arsenal. These sophisticated social engineering campaigns…
University Of Pennsylvania Confirms Major Cyberattack
The University of Pennsylvania has confirmed that a hacker stole sensitive university data during a recent cyberattack. The breach, first detected on October 31, 2025, resulted in…
The quiet revolution: How regulation is forcing cybersecurity accountability
Cybersecurity headlines still focus on the headline-grabbing moments, whether it’s the latest breach, a zero-day exploit, or an eye-catching product launch. However, beneath the surface…
New Android Malware ‘Fantasy Hub’ Intercepts SMS Messages, Contacts and Call Logs
Russian-based threat actors are distributing a sophisticated Android Remote Access Trojan through underground channels, offering it as a subscription service to other criminals. The malware,…
Threat Actors Use Stolen RDP Credentials to Deploy Cephalus Ransomware
A new ransomware group, Cephalus, has emerged in the cybersecurity threat landscape, targeting organizations through compromised Remote Desktop Protocol (RDP) accounts. First detected in mid-June…
Leak confirms Google Gemini 3 Pro and Nano Banana 2 could launch soon
Google is planning to ship two new models. One is Gemini 3, which is optimised for coding and regular use, and the second is Nano…
Researchers Evaded Elastic EDR’s Call Stack Signatures by Exploiting Call Gadgets
Security researchers have successfully evaded Elastic EDR’s call stack signature detection by exploiting a technique involving “call gadgets” to bypass the security tool’s behavioral analysis.…