What happens when Python packages turn predator? Researchers uncovered 20 malicious PyPI packages, downloaded over 14,100 times, quietly stealing cloud access tokens. A phishing scheme has GitHub developers in its crosshairs, tar ...
Read More
A fresh ransomware gang is following a familiar playbook. Mora_001 is exploiting Fortinet vulnerabilities to deploy SuperBlack ransomware, with tactics hinting at LockBit ties. The new OBSCURE#BAT campaign is using social enginee ...
Read More
A North Korean spyware slipped into Google Play before anyone noticed. The KoSpy surveillance tool was secretly distributed through Google Play Store and Firebase Firestore, targeting Android users before its takedown. A ransomwa ...
Read More
A botnet is silently taking over home routers, and defenders are playing catch-up. The Ballista botnet is exploiting an unpatched flaw in TP-Link Archer routers, enabling DDoS attacks across multiple industries in multiple countr ...
Read More
Even open-source ecosystems aren’t safe when Lazarus is on the prowl. The North Korean APT infiltrated the npm ecosystem with multiple newly discovered malicious packages containing BeaverTail malware, which were downloaded hundr ...
Read More
The cybercrime underworld is throwing a malware mixer, and everyone’s invited. Heavy hitters like FIN7, FIN8, and others are passing around the Ragnar Loader toolkit like a hot potato. The ESP32 microchip has been caught hiding m ...
Read More
Dark shadows lurking in code are stirring up a storm across the digital landscape. Over 1,000 WordPress sites have been laced with malicious JavaScript, embedding four backdoors for attackers to slip back in at will. Meanwhile, E ...
Read More
Gamers beware! A crafty campaign impersonating the Electronic Frontier Foundation is hitting Albion Online players, unleashing Stealc malware and Pyramid C2 infrastructure to snatch data and wreak havoc. Scammers have once again ...
Read More
The cyber landscape is heating up with a trio of cunning attacks. Eleven11bot has snared over 86,000 IoT devices for DDoS mayhem, hitting countries across the world. Russia’s APT28 is prowling Central Asia and Kazakhstan with a s ...
Read More
From precision strikes to billion-dollar scams, cybercriminals are hitting hard on all fronts. A pinpoint phishing campaign targeted a handful of UAE entities in aviation and satellite communications, delivering a sneaky new Gola ...
Read More