A new malvertising campaign is using deceptive Google Ads mimicking trusted macOS software brands like Homebrew and LogMeIn to deliver potent infostealers such as AMOS and Odyssey. Mac developers and advanced users are being targeted with copy-and-paste terminal commands that install malware under the guise of legitimate apps. This expert breakdown shows how the attack works, what to watch for and how to defend your environment.
A newly discovered backdoor, dubbed Net-CAPI, has infiltrated multiple Russian government networks by hijacking Windows cryptographic services. Analysts believe the tool, developed by a sophisticated threat group, uses advanced evasion and persistence methods to hide within legitimate system operations—making detection nearly impossible.
A U.S. court ordered Israeli spyware maker NSO Group to halt operations targeting WhatsApp and reduced damages in Meta’s lawsuit. The decision reinforces accountability for private surveillance firms accused of breaching digital privacy.
The Silver Fox group, long known for precision-targeted malware operations, has extended its Winos 4.0 campaign into Japan and Malaysia. Security experts now observe the deployment of HoldingHands RAT through malicious PDF attachments and deceptive software installers.
North Korea–linked hackers now embed JavaScript malware in blockchain smart contracts via EtherHiding. This stealthy method turns public blockchains into resilient drop zones. The multi-stage campaign includes JADESNOW and InvisibleFerret backdoors, demanding new defense strategies.
Cybercriminals are distributing malware through fake judicial notification emails, posing as court summons or legal notices.
The campaign aims to deceive users into opening malicious attachments or clicking links that trigger trojan infections and data theft.
Researchers have uncovered a new global campaign linked to the TA585 threat group, deploying a malware strain called MonsterV2. The campaign targets enterprise, finance, and industrial sectors, leveraging advanced persistence and evasion techniques to steal data and compromise corporate networks
Cybersecurity researchers have uncovered a massive router-based botnet, dubbed RondoDox, that converts compromised devices into nodes within a global proxy network. The botnet enables cybercriminals to route attacks, anonymize traffic, and monetize access to infected routers worldwide.
Cybersecurity researchers uncovered a North Korean operation that targets software developers by hiding malicious code inside public repositories.
The campaign, linked to Lazarus Group, uses fake developer tools and trojanized libraries to infiltrate development environments worldwide.
Hackers have corrupted trusted antivirus software installers, injecting malicious code that installs hidden malware instead of legitimate protection.
Security researchers warn that this supply chain compromise could expose enterprises and consumers to large-scale remote control and data theft.