Cybersecurity researchers have uncovered a widespread campaign involving over 130 malicious GitHub repositories created by a threat actor using the alias "ischhfd83." These repositories impersonated malware tools and game cheats to lure users.

A sophisticated malware campaign has been uncovered that leverages spoofed DocuSign CAPTCHA verification pages to deliver the NetSupport RAT. It employs clipboard poisoning to trick users into executing malicious PowerShell scripts.

Acreed, a new infostealer malware strain, has rapidly risen to prominence in the cybercriminal ecosystem following the global takedown of Lumma Stealer (LummaC2) in May 2025.

ConnectWise has confirmed a cyberattack on its ScreenConnect remote access platform, attributed to a sophisticated nation-state threat actor. The breach affected a limited number of customers

A new phishing technique known as Fullscreen Browser-in-the-Middle (BitM) attack is exploiting standard browser functionality to deceive users into submitting credentials on fake login pages.

A new campaign is exploiting TikTok’s vast user base and viral content model to distribute information-stealing malware, including Vidar and StealC. It uses AI-generated videos to socially engineer users into executing malicious PowerShell commands.

More than a third (36%) of people have had at least one online account compromised due to weak or stolen passwords in the past year, according to new research by the FIDO Alliance.

Cybercriminals are deploying highly sophisticated subscription scams, including deceptive “mystery box” offers, to harvest credit card data and commit financial fraud. These scams are spreading across social media platforms, particularly Facebook.

Gremlin Stealer is a newly identified C#-based infostealer malware actively promoted on Telegram since March 2025. It targets Windows systems and is capable of harvesting a broad range of sensitive data.

A targeted spear phishing campaign has been uncovered against senior members of the World Uyghur Congress (WUC), aiming to deploy surveillance malware. The malware was delivered through a trojanized version of UyghurEditPP.