NFCShare Android Malware Spreads via Weaponized Banking Apps
A renewed and operationally refined wave of the NFCShare Android banking trojan that delivers NFC card-data theft by masquerading as legitimate banking appli...
20 articles
A renewed and operationally refined wave of the NFCShare Android banking trojan that delivers NFC card-data theft by masquerading as legitimate banking appli...
Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users.
The company said it spotted a spearphishing campaign linked to the Israeli spyware maker targeting WhatsApp users, despite a court order prohibiting it. The ...
This diary continues the Internet Storm Center&#;x26;#;39;s tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the ...
UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB dri...
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families co...
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across pr...
In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malw...
Cybersecurity researchers are warning businesses about Pink Extortion Group, a threat actor that uses voice phishing to bypass multi-factor authentication an...
A previously disclosed China-linked threat cluster, tracked as OP-512, has been observed deploying a purpose-built web shell framework to compromise Internet...
A sophisticated new malspam campaign is actively exploiting Google’s DoubleClick ad-tracking infrastructure to bypass enterprise email security gateways. Dis...
Threat cluster UNC3753, widely tracked as Silent Ransom Group or Luna Moth, is actively targeting professional, legal, and financial services in the United S...
Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impac...
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware ...
The sophisticated attack utilizes Google Tag Manager (GTM) and Stripe domains, which are implicitly trusted by e-commerce sites, allowing the malicious code ...
Written by: Chad Reams, Tufail Ahmed, Keith Knapp, Ashley Frazer, Tyler McLellan Introduction From January through May 2026, Mandiant identified a financiall...
Dashlane has disclosed new details about a brute-force attack that let a threat actor access some customer accounts and copy encrypted vaults. Dashlane said ...
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent...
BRICKSTORM is a modular remote access trojan (RAT) originally seen in Golang and later in Rust. It uses a wssoft library with pluggable “tasks” for shell com...