Daily Cybersecurity Roundup

In search of connection, dating apps have become a popular gateway, but cybercriminals are now weaponizing that very trust, as seen in the SarangTrap campaign, which uses fake dating and social networking apps to steal sensitive ... Read More
As the Dalai Lama’s 90th birthday approaches—a milestone worth candles and cake—threat actors are marking the occasion in darker ways, with China-nexus APTs launching GhostChat and PhantomPrayers campaigns targeting Tibetans. Me ... Read More
Sophisticated cyber threats are on the rise, impacting various sectors with their advanced techniques. In one such campaign, Operation CargoTalon, the UNG0901 group is targeting employees in Russia's defense sector, specifically ... Read More
This sponge won’t clean your mess—Greedy Sponge is busy soaking up credentials and scrubbing Mexican organizations out of their data with RATs and proxy malware in tow. Meanwhile, a phishing campaign against npm maintainers led ... Read More
A surge in cyber threats has emerged across multiple fronts, with researchers uncovering four new Android spyware apps masquerading as VPNs, linked to Iran’s Ministry of Intelligence and the MuddyWater group. At the same time, a ... Read More
Spear-phishing remains one of the most effective entry points for cyberattacks, as seen with SquidLoader’s recent campaign targeting Hong Kong financial institutions using fake invoice attachments to deliver malware. Meanwhile, ... Read More
Cyber threat actors continue to evolve their tactics, launching targeted campaigns driven by both financial and geopolitical motives. Recent activity includes the financially motivated UNC6148 exploiting SonicWall SMA 100 series ... Read More
Turns out, this Konfety isn’t the kind you toss at parties—this one crashes the celebration by sneaking in as a benign app’s evil twin, spreading malware through third-party sources. Expanding on stealth techniques, threat ... Read More
North Korean threat actors are escalating cyber campaigns, deploying 67 malicious npm packages with the XORIndex loader—downloaded over 17,000 times—and simultaneously targeting crypto startups with fake Zoom invites to steal di ... Read More
RATs are crawling back, this time not in your basement, but in your servers. Researchers have uncovered a new PHP-based variant of the Interlock RAT, ditching its former JavaScript (NodeSnake) skin for stealthier deployment. Mea ... Read More

Get the Daily Cybersecurity Roundup delivered to your email!

Recent Blogs
Daily Threat Briefing