Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and...
2025-05-13 • Proofpoint • Greg Lesnewich, Mark Kelly, Saher Naumaan
2025-05-19 • The DFIR Report • 0xtornado, pcsc0ut, Randy Pargman • win.mimic, win.mimikatz
Seven sources tell CyberScoop that a lack of coordination and miscommunication between federal agencies and the telecommunications industry left critical networks exposed to the Chinese hacking...
The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized installer to drop the Bumblebee malware...
Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on…
Service desks are on the front lines of defense—and attackers know it. Attackers are using social engineering attacks to trick agents into changing passwords, disabling MFA, and granting access....
Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.
When a formerly incarcerated “troubleshooter for the mafia” looked for a second career he chose the thing he knew best. He became a prison consultant for white-collar criminals.
2025-05-13 • EclecticIQ • Arda Büyükkaya • elf.krustyloader, elf.snowlight, win.vshell
Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media
2025-05-08 • Fortinet • Ran Mizrahi • jar.ratty
2025-05-12 • Genians • Genians • win.rokrat
2025-05-19 • cyjax • Joe Wrieden • win.bumblebee
2025-05-09 • Lumen • Black Lotus Labs
Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority
State and local governments must grapple with resource constraints even as they face increased demand for cybersecurity vigilance to protect critical infrastructure and essential services. Here’s...
2025-05-07 • FBI • FBI • elf.themoon
2025-05-07 • US Department of Justice • U.S. Attorney's Office, Northern District of Oklahoma • elf.themoon
2025-05-02 • Kroll • Dave Truman, George Glass, Marc Messer • win.havoc
2025-05-07 • Palo Alto Networks Unit 42 • Unit 42
2025-05-08 • Forescout • Luca Barba, Sai Molige
2025-05-13 • Cisco Talos • Asheer Malhotra, Ashley Shen, Edmund Brumaghin, Vitor Ventura
2025-05-16 • Fred Gutierrez, Shunichi Imano • win.vanhelsing
2025-05-16 • AhnLab • ASEC • win.dbatloader
2025-05-19 • CSA • Ahmad Abdillah • win.netfilter
Regeneron Pharmaceuticals, a leading U.S.-based biotechnology company, has announced it will acquire most of the assets of 23andMe, a consumer genetic testing company, for $256 million. The 23andMe...
2025-05-19 • ESET Research • ESET Research • js.beavertail, py.invisibleferret, win.golangghost