-
Olymp Loader has emerged as a sophisticated Malware-as-a-Service (MaaS) platform since its public debut in June 2025, quickly establishing itself as a notable threat across underground cybercriminal forums and Telegram channels. Marketed under the alia…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Huntress have uncovered a sophisticated ClickFix campaign that leverages steganography to conceal malicious code within PNG images disguised as Windows Update screens. The attack chain delivers multiple variants of informat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Zapier’s NPM account has been successfully compromised, leading to the injection of the Shai Hulud malware into 425 packages currently distributed across the npm ecosystem. The attack represents a significant supply chain threat, with the affecte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The rapid proliferation of large language models has transformed how organizations approach automation, coding, and research. Yet this technological advancement presents a double-edged sword: threat actors are increasingly exploring how to weaponize th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new era of web-delivered malware has arrived with EtherHiding, a technique that fundamentally reshapes how attackers distribute and rotate malicious payloads. Unlike traditional threats that rely on static staging servers or disposable redirect chain…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
K7 Labs researchers have identified a sophisticated Python-based malware sample employing multi-stage obfuscation and process injection techniques to achieve stealthy persistence on Windows systems. The malware reconstructs a 65 MB blob, with the bulk …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new breed of browser-based cyberattack is sweeping the threat landscape, as BlackFog researchers have uncovered. Dubbed Matrix Push C2, this command-and-control framework arms cybercriminals with the means to launch fileless malware and phishing camp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at the AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated cyberattack campaign targeting Microsoft Windows Server Update Services (WSUS) infrastructure. The attackers are exploiting a critical remote code exe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Google Threat Intelligence Group (GTIG) has unveiled a sophisticated three-year cyber espionage campaign orchestrated by APT24, a China-nexus threat actor, targeting organizations primarily in Taiwan through the deployment of BADAUDIO malware and s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MTI Security researchers have uncovered a new, particularly advanced Android banking trojan, dubbed Sturnus, that targets users’ financial and personal data with an unprecedented level of device control and operational stealth. Distinct from convention…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
