In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to infect enterprise systems. Unlike many high-profile command-and-control (C2) platforms, AdaptixC2…
The revelation that commercially available FlexiSPY spyware was clandestinely installed on devices belonging to Kenyan filmmakers while in police custody has ignited fresh concerns over…
A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by…
The threat actor delivers three Remote Access Trojans (RATs)—ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT—via phishing sites hosted on GitHub Pages. These sites…
During a recent threat hunting exercise, the Sysdig Threat Research Team (TRT) identified a new sample dubbed ZynorRAT. This Go-based Remote Access Trojan (RAT) delivers…
Spoof the email delivery platform SendGrid and employ fake Cloudflare CAPTCHA interstitials to lend legitimacy before redirecting unsuspecting users to credential harvesting pages. Since June…
A critical vulnerability in NVIDIA’s NVDebug tool could allow attackers to gain elevated system access, execute code, or tamper with data. NVIDIA released a security…
FastNetMon today announced that it detected a record-scale distributed denial-of-service (DDoS) attack targeting the website of a leading DDoS scrubbing vendor in Western Europe. The attack reached 1.5…
FastNetMon today announced it detected a record-scale distributed denial-of-service (DDoS) attack targeting the website of a leading DDoS scrubbing vendor in Western Europe. The attack…
A new wave of macOS-targeted malware has emerged under the radar—despite employing advanced process reconnaissance and maintaining successful notarization status for years. Jamf Threat Labs…
The Australian Cyber Security Centre (ACSC) has issued an urgent warning about a critical vulnerability in SonicWall firewall devices that is being actively exploited by…
On September 8th, 2025, at approximately 9AM EST, the npm ecosystem faced an acute supply chain attack. A threat actor leveraged social engineering techniques to…
