LandFall is a commercial-grade Android spyware that weaponized WhatsApp images to exploit a Samsung zero-day in the image pipeline. The payload rode malformed DNG files, then modified SELinux and deployed modules for full-device surveillance. Patch promptly and restrict media auto-download.
A Russian-linked threat actor is hiding Stealc V2 infostealer inside Blender project files shared on 3D model marketplaces. By abusing Blender’s Auto Run Python Scripts feature, the campaign turns legitimate-looking character rigs into a delivery vector that steals browser, wallet, VPN and messaging credentials from creative workstations.
A U.S. court ordered Israeli spyware maker NSO Group to halt operations targeting WhatsApp and reduced damages in Meta’s lawsuit. The decision reinforces accountability for private surveillance firms accused of breaching digital privacy.
The UK is investigating whether Yutong electric buses can be remotely deactivated. Norway’s Faraday-cage tests and Denmark’s review raised alarms about SIM-enabled diagnostics and OTA updates. Operators should lock down telematics, broker OTA, and drill outage response now.
Qilin ransomware now combines a Linux payload with a BYOVD (Bring-Your-Own-Vulnerable-Driver) exploit, enabling affiliates to bypass endpoint controls and compromise virtualised and Windows environments. This briefing explains the attack chain, detection challenges, and immediate defensive steps security teams must apply.
SilentButDeadly is an open-source Windows tool that neutralizes EDR and AV visibility by cutting their cloud communications with Windows Filtering Platform filters instead of killing the agents. This article unpacks how SilentButDeadly discovers security processes, applies process-specific network blocks, disrupts services, and what defenders should monitor to detect and withstand similar EDR neutralization techniques.
A rapid cascade of cyber events Chrome zero-day, a record DDoS, Cisco IOS exploit, and Kali Linux upgrade highlight how threat activity keeps accelerating.
JSSmuggler uses JavaScript-based smuggling to hide and reassemble Windows malware at runtime, bypassing security tools and enabling advanced payload delivery. This analysis explains how it works and how defenders can counter it.
South Korea’s cybersecurity faces unprecedented strain after months of continuous data breaches across public and private sectors, revealing deep governance and policy flaws.
The recent outage at AWS’s US-EAST-1 region grounded dozens of major services and exposed a deeper issue: the loss of senior engineering expertise at Amazon. As widespread apps and platforms went offline, one question loomed large: Can the world’s largest cloud infrastructure sustain itself amid massive talent reductions? Below, we analyse the root causes, implications and lessons for infrastructure reliability.