Daily Cybersecurity Roundup

Phishing remains one of the most prevalent and effective tactics used by cybercriminals to trick users into downloading malware or revealing sensitive information. In one recent campaign, attackers are targeting Chinese-speaking ... Read More
Recent threat activity highlights a surge in targeted cyberattacks across sectors. The OneClik APT campaign is phishing energy, oil, and gas companies using Microsoft ClickOnce to deploy a .NET loader and drop the Golang-based R ... Read More
Threat actors continue to exploit widely used software ecosystems to distribute malware and advance their campaigns. North Korean threat actors linked to the Contagious Interview campaign have published 35 malicious npm packages— ... Read More
Malware can now slide into your DMs. Russian state-backed group APT28 is using Signal chats to deliver stealthy new malware strains, BeardShell and SlimAgent, in targeted attacks on Ukrainian government entities. Meanwhile, resea ... Read More
Cyber espionage continues to evolve as threat actors deploy increasingly sophisticated tools—like the Confucius APT group's newly uncovered modular backdoor, Anondoor—to infiltrate systems, evade detection, and deliver tailored ... Read More
Just when you thought it was safe to trust your banking app, the Godfather makes an offer your phone can’t refuse. Researchers have uncovered a malware variant by the same name that hijacks mobile banking and crypto apps using s ... Read More
Phishing emails remain a favored entry point for cybercriminals, often disguised as legitimate business communications to deceive users, such as in the Serpentine#Cloud campaign, where attackers use invoice-themed .lnk files to ... Read More
Cybercriminals are increasingly adopting the ClickFix social engineering tactic to distribute malware, with recent campaigns delivering threats like the GHOSTPULSE loader and ARECHCLIENT2 infostealer. A newly uncovered variant, ... Read More
Phishing continues to be a dominant cyber threat, with attackers constantly refining their tactics to exploit human trust—most recently seen in a campaign by the Kimsuky threat group, which disguised emails as research paper rev ... Read More
Recent cyber threat activity highlights an evolving and complex landscape. The Water Curse threat actor has been abusing GitHub by hosting weaponized repositories to deliver multistage malware. In a separate development, Iran-al ... Read More

Get the Daily Cybersecurity Roundup delivered to your email!

Recent Blogs
Daily Threat Briefing