Malware & Threats
Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.
Threat actors have abused the TeamFiltration pentesting framework to target over 80,000 Entra ID user accounts.
Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers.
Binance is being spoofed in an email campaign using free TRUMP Coins as a lure leading to the installation of the ConnectWise RAT.
GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers.
Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution.
Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub.
The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file.
A second iteration of the BadBox botnet that affected over one million Android devices has been partially disrupted.
Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks.
The Eleven11bot botnet has been described as one of the largest known DDoS botnets observed in recent years.
CrowdStrike has published its 2025 Global Threat Report, which warns of faster breakout time and an increase in Chinese activity.
New Linux malware named Auto-Color, which allows full remote access to compromised devices, targets North America and Asia.
A China-linked botnet powered by 130,000 hacked devices has targeted Microsoft 365 accounts with password spraying attacks.
Seattle startup building technology to mitigate lateral movement and block “living off the land” techniques wins interest from investors.
ESET says hundreds of freelance software developers have fallen victim to North Korean hackers posing as recruiters.
China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers.
A recently identified macOS infostealer named FrigidStealer has been distributed through a compromised website, as a fake browser update.
Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations.
A newly discovered Golang backdoor is abusing Telegram for communication with its command-and-control (C&C) server.
Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users.