-
Researchers at Acronis have discovered a malicious trojanized version of the Red Alert rocket warning app targeting Israeli Android users. Distributed via fake Home Front Command SMS messages, this spyware steals GPS data, SMS messages, and contact lis…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A highly sophisticated China-linked threat actor, identified as UAT-9244, has been actively targeting critical telecommunications infrastructure across South America since 2024. Security researchers assess with high confidence that UAT-9244 exhibits cl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are abusing interest in Anthropic’s Claude Code tools by setting up fake download pages that ultimately drop a lightweight infostealer via mshta.exe. The campaign shows how a single living‑off‑the‑land binary (LOLBIN) can power an effecti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A highly coordinated malware campaign that targets cryptocurrency and Web3 professionals through fake venture capital (VC) identities on LinkedIn. The operation combines advanced social engineering with cross-platform payloads and a ClickFix-style fake…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing campaign is using stolen certificates from TrustConnect Software PTY LTD to sign malware. By impersonating updates for Zoom and Microsoft Teams, hackers install RMM tools to gain persistent, privileged access to networks
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Iran‑nexus APT group “Dust Specter” is targeting Iraqi government officials with AI‑assisted custom .NET malware, using dual attack chains that blend DLL sideloading, in‑memory PowerShell, and ClickFix‑style lures. In January 2026, Zscaler ThreatLabz t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VoidLink marks a turning point in how adversaries target Kubernetes and AI workloads, signaling a shift toward cloud-native, AI-aware malware frameworks that live where modern value is created: inside containers, pods, and GPU clusters.research. It fin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An active Zerobot campaign abusing two critical vulnerabilities CVE-2025-7544 in Tenda AC1206 routers and CVE-2025-68613 in the n8n workflow automation platform to deploy a Mirai-based payload dubbed Zerobotv9. The campaign uses common download tools a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fake Zoom and Google Meet pages trick users into installing a monitoring software on Windows systems through phishing links and fake updates.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a new malware family dubbed RESURGE, which is actively exploiting a zero-day vulnerability in Ivanti Connect Secure devices. According to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
