Threat Actors Use Fake Update Lures to Deploy SocGholish Malware
In a significant escalation of cyber threats, Arctic Wolf Labs has identified a coordinated campaign in which the Russian-aligned RomCom threat group leverages the SocGholish…
In a significant escalation of cyber threats, Arctic Wolf Labs has identified a coordinated campaign in which the Russian-aligned RomCom threat group leverages the SocGholish…
A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a series of high-profile breaches targeting…
North Korean-aligned threat actors are leveraging convincing fake job recruitment websites to deceive macOS users into executing malicious Terminal commands that deliver the FlexibleFerret malware,…
The global gaming community is reeling after Bitdefender Labs revealed widespread malware operations exploiting the blockbuster launch of Electronic Arts’ Battlefield 6, a first-person shooter…
Security researchers at Cato CTRL have uncovered HashJack. This innovative indirect prompt-injection attack hides harmful commands in the fragment portion of URLs after the “#”…
Water Gamayun, a Russia‑aligned advanced persistent threat (APT) group, has launched a new multi‑stage intrusion campaign that weaponizes the recently disclosed MSC EvilTwin vulnerability in…
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of…
Fortra has officially released Cobalt Strike 4.12, introducing a comprehensive suite of new features designed to enhance red team operations and offensive security research. The update…
Shai-Huluda, a self-replicating npm worm named after the sandworms in Dune, had struck again. This time, the attack was devastating in scale and sophistication, compromising…
A security vulnerability has been identified in Apache Syncope that could allow attackers to decrypt stored passwords if they gain access to the internal database.…
SitusAMC, a major player in the real estate and finance services sector, disclosed a significant data breach on November 12, 2025, that compromised sensitive corporate…
Cybersecurity researchers at Huntress have uncovered a sophisticated ClickFix campaign that leverages steganography to conceal malicious code within PNG images disguised as Windows Update screens.…