A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database operations and corrupt industrial control systems. […]
Defending digital identity from computer-using agents (CUAs)
For years, organizations have relied on passwords and multi-factor authentication (MFA) based on shared secrets like SMS codes and one-time passwords (OTPs) as the foundation […]
Herodotus Android Banking Trojan Takes Over Devices, Outsmarts Security Tools
A new threat has surfaced in the mobile banking landscape Herodotus, a sophisticated Android banking Trojan that has been wreaking havoc in recent weeks. Offered […]
ClickFix Attack Evolves: Weaponized Videos Trigger Self-Infection Tactics
ClickFix attacks have surged dramatically over the past year, cementing their position as pivotal tools in the modern attacker’s arsenal. These sophisticated social engineering campaigns […]
Attackers Exploit Active Directory Sites to Escalate Privileges and Compromise Domain
Security researchers have uncovered a dangerous attack vector targeting Active Directory Sites, a critical yet often overlooked component of enterprise network infrastructure. According to a […]
New Android Malware ‘Fantasy Hub’ Spies on Users’ Calls, Contacts, and Messages
Russian-based threat actors are actively distributing a sophisticated Android Remote Access Trojan called “Fantasy Hub” via Telegram-based Malware-as-a-Service channels, marking a significant escalation in mobile-focused […]
Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace
In a suspected test effort, unknown actors have successfully embedded a strain of ransomware-style behavior, dubbed Ransomvibe, into extensions listed for Visual Studio Code. According […]
New Analysis Reveals LockBit 5.0’s Core Features and Dual-Stage Attack Model
LockBit has remained one of the most dominant ransomware-as-a-service (RaaS) groups in the world since its emergence as ABCD ransomware in 2019 and official launch […]
U.S. Congressional Budget Office Hit by Cyberattack, Sensitive Data Compromised
The Congressional Budget Office (CBO), which serves as Congress’s official financial advisor, has been targeted in a suspected cyberattack by suspected foreign actors. The breach […]
Enterprise Credentials at Risk – Same Old, Same Old?
Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in […]