Security researchers at Zscaler ThreatLabz have uncovered three malicious npm packages designed to install a sophisticated remote access trojan (RAT) targeting JavaScript developers. The packages,…
A sophisticated credential-harvesting operation conducted by BlueDelta, a Russian state-sponsored threat group linked to the GRU’s Main Directorate, targeted critical infrastructure organizations and research institutions…
Linux administrators are being urged to update promptly after disclosures of multiple vulnerabilities in GitLab, including flaws that could enable cross-site scripting, authorization bypass, and denial…
China’s state-sponsored cyber operations against Taiwan have intensified dramatically, with threat actors launching an average of 2.63 million intrusion attempts daily targeting critical infrastructure across…
LockBit has solidified its position as the most prolific ransomware-as-a-service (RaaS) operation globally, accounting for approximately 21% of all documented ransomware attacks in 2023, following…
ToddyCat, a sophisticated cyber-espionage threat group also known as Websiic and Storm-0247, has emerged as a significant risk to organizations across Europe and Asia. The…
A sophisticated phishing campaign is exploiting Google Cloud infrastructure to bypass email security filters and steal Microsoft 365 credentials, demonstrating how attackers increasingly abuse trusted…
A critical security flaw has been discovered in the TOTOLINK EX200 Wi-Fi extender that allows attackers to gain complete control over the device. The vulnerability…
Chinese threat actors are conducting an aggressive campaign that distributes NFC-enabled Android malware capable of intercepting and remotely relaying payment card data via Telegram. Identified…
A sophisticated new ransomware variant, CrazyHunter, has emerged as a critical threat to the healthcare sector, employing advanced anti-malware evasion techniques and rapid network propagation…
A custom Windows packer dubbed pkr_mtsi is fueling large-scale malvertising and SEO‑poisoning campaigns that deliver a broad range of information‑stealing and remote‑access malware, according to new research.…
A critical security vulnerability has been discovered in n8n, the popular workflow automation tool, potentially allowing authenticated attackers to execute arbitrary code on the host…
