-
Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files…
-
A multi-cluster cyberespionage operation in which attackers used USB-propagated malware, multiple RATs, loaders, and a custom stealer to target a Southeast Asian government organization between June and August 2025. Analysts initially observed USB-born…
-
A newly discovered macOS infostealer dubbed Infiniti Stealer is being actively distributed through deceptive Cloudflare-style CAPTCHA pages, marking a notable evolution in social engineering attacks targeting Apple users. Initially tracked as “NukeChai…
-
ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers.
-
Threat actors are standardizing a powerful ClickFix-based attack that abuses the Windows Run dialog box and macOS Terminal to deliver malware while sidestepping traditional browser protections. Insikt Group has tracked five distinct ClickFix activity c…
-
CyberProof researchers have detected a 10% surge in PXA Stealer attacks targeting financial institutions in Q1 2026. Learn…
-
GhostClaw is a multi-stage macOS infostealer that now abuses both GitHub and AI-assisted development workflows to harvest credentials and deploy secondary payloads, significantly widening its potential victim base. Jamf Threat Labs has since expanded o…
-
Sonatype uncovers a sophisticated malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?
-
A fast-evolving information‑stealing malware dubbed “Torg Grabber” that has shifted from simple Telegram‑based exfiltration to a hardened, encrypted REST API command‑and‑control (C2) channel fronted by Cloudflare. The operation surfaced when a 747 KB 6…
-
Fake screenshot links are being used to quietly deploy a multi‑stage backdoor against Web3 customer support teams, in a campaign assessed to be linked to the Chinese financially motivated group APT‑Q‑27 (GoldenEyeDog). The operation abuses live chat wo…


