2025-06-13 • Twitter (@Unit42_Intel) • Unit 42 • elf.hyperssl, win.hyperssl Open article on Malpedia
2025-06-15 • Positive Technologies • Stanislav Pyzhov, Vladislav Lunin • win.cobalt_strike Open article on Malpedia
2025-06-16 • Trend Micro • Aira Marcelo, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy Open article on Malpedia
2025-06-18 • Elastic • Salim Bitam • win.hijackloader, win.lumma, win.sectop_rat Open article on Malpedia
2025-06-11 • Interpol • Interpol Open article on Malpedia
2025-06-12 • Symantec • Carbon Black, Threat Hunter Team • win.fog Open article on Malpedia
2025-06-18 • Huntress Labs • Alden Schmidt, Jonathan Semon, Stuart Ashenbrenner Open article on Malpedia
2025-06-12 • cocomelonc • cocomelonc Open article on Malpedia
2025-06-18 • PRODAFT • PRODAFT • apk.antidot Open article on Malpedia
2025-06-19 • cocomelonc • cocomelonc Open article on Malpedia
A prominent expert on Russian information operations was targeted by a sophisticated spear phishing attack likely coming from Russian hackers
2025-06-18 • Cisco Talos • Vanja Svajcer • py.pylangghost Open article on Malpedia
The U.K.’s thriving £13.2 billion (about US$17.7 billion) cybersecurity sector is set to expand further under the government’s... The post UK Cyber Growth Action Plan set to invest £16 million to...
Cyber-physical systems (CPS) protection company Claroty announced this week new investments in the U.S. public sector to enhance... The post Claroty expands public sector offerings to protect...
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially...
Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data.
The U.S. Department of Justice has filed a civil forfeiture complaint to seize more than $225.3 million in cryptocurrency that the government alleges was obtained through crypto scams. The DoJ...
News broke today of a "mother of all breaches," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials...
The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them...
DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural language to create software. While this ushers in a new era of AI-generated code, it introduces...
A new version of the Android malware "Godfather" creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. [...]
A civil forfeiture complaint was filed in U.S. District Court for the District of Columbia this week, where investigators from the FBI and U.S. Secret Service said they used blockchain analysis to...
Banana Squad exploited GitHub to distribute malicious Python code disguised as legitimate tools
Cybercriminals are injecting fake support phone numbers onto official sites like Bank of America and Netflix. Learn how 'search parameter injection' scams work and protect yourself now.
June has been a challenging month for cybersecurity teams, with a wave of high-impact vulnerabilities disrupting the threat landscape. After the disclosure of a newly patched XSS zero-day in...
Most cyberattacks today don’t start with loud alarms or broken firewalls. They start quietly—inside tools and websites your business already trusts. It’s called “Living Off Trusted Sites”...
Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites
Doughnut maker Krispy Kreme has revealed that sensitive financial and personal data of over 160,000 individuals has been impacted following a November 2024 cyber incident
A practical roadmap to early wins, long-term value and stakeholder buy-in
If you've ever forgotten your Facebook password, you know how difficult it can be to regain access to your account. That struggle may soon be a thing of the past.