A newly identified .NET-based infostealer named PupkinStealer has emerged as a significant threat targeting Windows systems. First observed in April 2025, this malware is designed to harvest sensitive data.

A newly uncovered scam campaign exploits X/Twitter’s ad URL preview feature to deceive users into visiting fraudulent cryptocurrency sites. By manipulating how metadata is fetched for preview cards, attackers display trusted domains.

Ascension, one of the largest private healthcare systems in the U.S., has disclosed a data breach affecting 437,329 individuals. The breach originated from a third-party vendor compromise, potentially linked to Clop ransomware

A new ransomware delivery technique has emerged, embedding malicious code within JPEG images to execute fully undetectable (FUD) ransomware. This method bypasses traditional antivirus systems and exploits user trust in common file types.

The latest wave of attacks leverages PhaaS toolkits that automate the creation of dynamic phishing pages, eliminating the need for manual cloning of websites. These toolkits allow attackers to generate real-time replicas of legitimate websites.

OtterCookie is sophisticated malware developed by the North Korea-linked WaterPlum group (also known as Famous Chollima or PurpleBravo). It targets financial institutions, cryptocurrency platforms, and FinTech companies globally.

A targeted campaign exploited Microsoft Entra ID’s legacy authentication protocol BAV2ROPC, allowing attackers to bypass MFA and gain unauthorized access to admin accounts across finance, healthcare, and tech sectors.

A sophisticated email campaign has been uncovered targeting users in Spain, Italy, and Portugal, distributing the cross-platform RATty RAT. The campaign uses the legitimate Spanish email service provider serviciodecorreo.es to send phishing emails.

A joint investigation has uncovered FreeDrain, a large-scale cryptocurrency phishing operation that exploits SEO manipulation, free-tier web services, and redirection techniques to deceive users of popular cryptocurrency wallets.

A coordinated cyber campaign dubbed #OpIndia was launched by over 40 ideologically motivated hacktivist groups following recent geopolitical tensions between India and Pakistan.