Qilin ransomware now combines a Linux payload with a BYOVD (Bring-Your-Own-Vulnerable-Driver) exploit, enabling affiliates to bypass endpoint controls and compromise virtualised and Windows environments. This briefing explains the attack chain, detection challenges, and immediate defensive steps security teams must apply.
Security researchers revealed that ChatGPT’s Atlas Browser can be manipulated through hidden prompt injections, allowing attackers to hijack AI behavior, leak data, and bypass safeguards. Learn how it works and how to defend against it.
The latest version of the ransomware family known as LockBit has resurfaced with a potent new variant, LockBit 5.0, capable of striking Windows endpoints, Linux servers and VMware ESXi hypervisor platforms in one campaign. Organisations must reassess their ransomware defences and detection posture now.
A newly weaponized version of the open-source toolkit RedTiger is actively targeting Discord accounts and gaming credentials. This article examines the malware’s mechanics, why gamers and enterprises should care, and outlines a mitigation roadmap.
A breakthrough hardware-based technique intercepts TPM communications over the SPI bus to unlock BitLocker volumes protected by TPM + PIN. This article analyses the method and its implications for enterprise encryption strategies.
The Brazilian-origin Caminho Loader uses least significant bit (LSB) steganography to hide .NET payloads inside image files, enabling fileless malware delivery across South America, Africa and Eastern Europe. This advanced threat demands immediate action from security teams.
An engineering-consultant firm supporting Ireland’s defective-block grant scheme suffered a breach that may have exposed homeowner personal data. This article explains the incident, the risks and the lessons cybersecurity teams must apply.
A major rat campaign disguised as the Minecraft mod “Nursultan Client” is compromising gamers via a Python-based Trojan using Telegram bot infrastructure. This tool steals browser tokens, captures webcams, and uses a gamified lure to breach systems and security teams need to view gaming endpoints as serious risk zones.
Threat actors behind a coordinated network on YouTube have uploaded over 3,000 videos that masquerade as software tutorials and cheat walkthroughs, yet lead to credential‐stealer malware downloads. The operation uses compromised channels, fake engagement and download links to evade detection posing a new category of platform-based threat for security teams.
A newly disclosed flaw in Adobe Commerce (formerly Magento) dubbed “SessionReaper” enables attackers to hijack live customer sessions via the REST API. With proof-of-concept exploit code now public and over 250 attacks detected in a single day, administrators must act immediately.