China-Linked Actors Abuse DNS in Advanced Espionage Malware
A China-linked cyber espionage malware campaign demonstrates how attackers abuse DNS traffic to maintain stealthy, long-term command-and-control access.
Recent cyber threats highlight a sharp rise in stealth malware loaders and AI-assisted attack techniques, signaling a shift toward quieter, more adaptive initial access strategies that challenge traditional detection models.
The Romanian Waters Authority suffered a ransomware attack that disabled key hydrological systems, forced emergency containment actions, and exposed ongoing cybersecurity weaknesses in critical infrastructure.
A malicious npm package posing as a WhatsApp API library was found harvesting login tokens, messages, and contacts from developers, demonstrating a sophisticated supply chain attack that can persistently link attacker devices to compromised WhatsApp accounts.
A new Android SMS stealer campaign is spreading across Uzbekistan, using deceptive apps to capture messages and authentication codes. The attack highlights fast-evolving mobile threats and the need for stronger device security.
A Ukrainian hacker has pled guilty in the Nefilim ransomware affiliate arrest, confirming his role in targeted extortion campaigns. This article examines the investigation, attack methods, and the broader implications for enterprise cybersecurity teams.
North Korea has transformed cryptocurrency theft into a state-backed, industrial cyber operation. With coordinated threat groups, refined malware pipelines, and aggressive targeting of exchanges and DeFi platforms, DPRK attackers continue scaling their global theft strategy despite expanding sanctions and international pressure.
This week’s ThreatsDay Bulletin highlights rising spyware alerts, global scanning activity, and new Linux backdoor threats: essential insight for defenders and SOC teams.
A new ClickFix-style attack abuses Grok and ChatGPT to deliver malware by convincing users to run malicious commands disguised as troubleshooting advice. This article explains how the attack works and how defenders can detect and prevent it.
A massive misconfigured database exposed billions of LinkedIn-related records, enabling attackers to refine phishing, impersonation, and identity-based attacks. This investigative report examines how the leak happened and why its long-tail impact will persist for years.