Russia-aligned threat actors are abusing the Viber messaging platform as covert attack infrastructure, using trusted communication channels to distribute malware and evade traditional security defenses.
The KimWolf malware Android botnet demonstrates how mobile threats continue to scale by abusing Android apps, infrastructure, and weak security controls.
Malicious npm packages are being used as hidden attack infrastructure, abusing the open-source supply chain to distribute malware, evade detection, and compromise developer environments.
The threat landscape that shaped cybersecurity in 2025 reveals how identity abuse, ransomware evolution, and supply chain risks forced organizations to rethink defense strategies.
Multiple vulnerabilities in TeamViewer DEX expose risks in enterprise endpoint monitoring platforms, raising concerns about unauthorized access, telemetry abuse, and internal reconnaissance within corporate environments.
A China-linked cyber espionage malware campaign demonstrates how attackers abuse DNS traffic to maintain stealthy, long-term command-and-control access.
Recent cyber threats highlight a sharp rise in stealth malware loaders and AI-assisted attack techniques, signaling a shift toward quieter, more adaptive initial access strategies that challenge traditional detection models.
The Romanian Waters Authority suffered a ransomware attack that disabled key hydrological systems, forced emergency containment actions, and exposed ongoing cybersecurity weaknesses in critical infrastructure.
A malicious npm package posing as a WhatsApp API library was found harvesting login tokens, messages, and contacts from developers, demonstrating a sophisticated supply chain attack that can persistently link attacker devices to compromised WhatsApp accounts.
A new Android SMS stealer campaign is spreading across Uzbekistan, using deceptive apps to capture messages and authentication codes. The attack highlights fast-evolving mobile threats and the need for stronger device security.