Daily Cybersecurity Roundup
/https://cyware-ent.s3.amazonaws.com/image_bank/a76f_shutterstock_2482878845_1.jpg)
Threat actors continue to exploit trust and access across both software supply chains and human networks, as seen in multiple recent campaigns. A malicious npm package named “lotusbail,” downloaded more than 56,000 times, masque ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/3b8e_shutterstock_2639397973.jpg)
As the holiday season brings tales of goblins and mischief, a real-world goblin has surfaced in cyberspace, with the China-aligned APT group LongNosedGoblin targeting government networks in Southeast Asia and Japan. At the same ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/ee0b_shutterstock_2374220943.jpg)
Threat actors are increasingly weaponizing Android and edge-connected devices as entry points and attack infrastructure, while simultaneously intensifying brute-force activity against exposed OT systems. A newly identified botne ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/c95a_shutterstock_90312397.jpg)
Building on the surge in sophisticated, multi-vector cyber campaigns, China-linked threat activity continues to evolve in both scale and deception. The state-aligned group Ink Dragon, also tracked as Jewelbug, has been conductin ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/c7b0_shutterstock_1934980238.jpeg)
This Christmas, cybercriminals are delivering scams instead of gifts, with AI-powered phishing campaigns flooding inboxes and social media with fake deals, charity lures, and UPS and FedEx alerts that lead to realistic fake e-co ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/ebde_Shutterstock_2121140981.jpg)
What looks like a harmless movie night download has turned into a security nightmare, as researchers have uncovered a malicious torrent posing as the Leonardo DiCaprio film One Battle After Another, where weaponized subtitle fil ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/5225_shutterstock_2654091409.jpg)
Cyber agencies across the United States and Canada have warned that PRC state-sponsored operators are actively deploying BRICKSTORM, a stealthy Go-based backdoor designed for prolonged espionage within Government and IT environm ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/2e62_shutterstock_73811260_2.jpg)
A wave of new threats is emerging across platforms, starting with a coordinated campaign that used the Evilginx phishing kit and AiTM techniques to bypass MFA at 18 U.S. universities. At the same time, Android users are being hi ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/2615_shutterstock_1936356346.jpg)
A wave of increasingly sophisticated malware and RAT-driven campaigns is reshaping the threat landscape, as seen in recent operations where North Korean actors are weaponizing the React2Shell vulnerability to deploy EtherRAT, us ...
Read More
/https://cyware-ent.s3.amazonaws.com/image_bank/89d4_shutterstock_1388912930.jpg)
Researchers are tracking multiple active campaigns, including Operation FrostBeacon, a coordinated set of intrusions targeting Russian finance and legal organizations. Another ongoing threat, JS#SMUGGLER, relies on layers of obf ...
Read More
Get the Daily Cybersecurity Roundup delivered to your email!
Recent Blogs
Daily Threat Briefing
