Bleeping Computer

RedCurl Threat Group Creates QWCrypt Ransomware to Target Hyper-V Virtual Machines

While most ransomware operations focus on VMware ESXi servers, RedCurl's new QWCrypt ransomware specifically targets virtual machines hosted on Hyper-V. Bitdefender observed attacks involving phishing emails with ".IMG" attachments disguised as CVs.

New Windows Zero-Day Leaks NTLM Hashes, Gets Unofficial Patch

Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows Explorer.

CrushFTP Warns Users to Patch Unauthenticated Access Flaw Immediately

CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. The vulnerability is mitigated if the DMZ feature of CrushFTP is enabled.

Browser-in-the-Browser Attacks Target CS2 Players' Steam Accounts

This phishing technique creates fake browser windows within real browser windows (Browser in the Browser) to present login pages or other realistic forms that steal users' credentials or one-time MFA passcodes (OTP).

EncryptHub Linked to MMC Zero-Day Attacks on Windows Systems

Attackers can leverage the vulnerability to evade Windows file reputation protections and execute code because the user is not warned before loading unexpected MSC files on unpatched devices.

Chinese Weaver Ant Hackers Spied on Telco Network for Four Years

A China-linked advanced threat group named Weaver Ant spent more than four years in the network of a telecommunications services provider, hiding traffic and infrastructure with the help of compromised Zyxel CPE routers.

Microsoft Trusted Signing service abused to code-sign malware

Signed malware has the advantage of potentially bypassing security filters that would normally block unsigned executable files, or at least treat them with less suspicion.

Update: Coinbase was the Primary Target of Recent GitHub Actions Breaches

Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories.

Update: US Removes Sanctions Against Tornado Cash Crypto Mixer

The U.S. Department of Treasury announced today that it has removed sanctions against Tornado Cash, a cryptocurrency mixer used by North Korean Lazarus hackers to launder hundreds of millions stolen in multiple crypto heists.

Steam Pulls Game Demo Infecting Windows With Info-Stealing Malware

Valve has removed the game title 'Sniper: Phantom's Resolution' from its Steam store following multiple users reporting that the demo installer infected their systems with information-stealing malware.
