Qilin ransomware now combines a Linux payload with a BYOVD (Bring-Your-Own-Vulnerable-Driver) exploit, enabling affiliates to bypass endpoint controls and compromise virtualised and Windows environments. This briefing explains the attack chain, detection challenges, and immediate defensive steps security teams must apply.
Security researchers revealed that ChatGPT’s Atlas Browser can be manipulated through hidden prompt injections, allowing attackers to hijack AI behavior, leak data, and bypass safeguards. Learn how it works and how to defend against it.
The latest version of the ransomware family known as LockBit has resurfaced with a potent new variant, LockBit 5.0, capable of striking Windows endpoints, Linux servers and VMware ESXi hypervisor platforms in one campaign. Organisations must reassess their ransomware defences and detection posture now.
A newly weaponized version of the open-source toolkit RedTiger is actively targeting Discord accounts and gaming credentials. This article examines the malware’s mechanics, why gamers and enterprises should care, and outlines a mitigation roadmap.
The Lazarus Group launched a sophisticated social-engineering campaign targeting European unmanned aerial vehicle (UAV) manufacturers via fake job offers to steal intellectual property and design data. Understanding the “Operation DreamJob” method, infection chain and mitigation is critical for defense supply-chain security.
A new phishing technique called CoPhish abuses Microsoft Copilot Studio agents to steal OAuth tokens via trusted Microsoft domains, bypassing traditional security filters and highlighting the growing threat within low-code platforms.
A breakthrough hardware-based technique intercepts TPM communications over the SPI bus to unlock BitLocker volumes protected by TPM + PIN. This article analyses the method and its implications for enterprise encryption strategies.
AI-powered ransomware is revolutionizing cybercrime. Using artificial intelligence, attackers automate targeting, evasion, and encryption enabling self-learning, large-scale attacks that outpace human defenses.
The Brazilian-origin Caminho Loader uses least significant bit (LSB) steganography to hide .NET payloads inside image files, enabling fileless malware delivery across South America, Africa and Eastern Europe. This advanced threat demands immediate action from security teams.
Hackers are conducting mass exploitation campaigns against outdated WordPress plugins, allowing remote code execution and full site compromise. This attack wave highlights the urgent need for timely updates and plugin security hygiene.