Belarus-linked hackers use fake training certificates to target Ukrainian officials
A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised ...
Campaigns
20 articles
Belarus-linked hackers use fake training certificates to target Ukrainian officials
A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised ...
Teenager from Odesa suspected of running infostealer malware operation
The suspect allegedly used information-stealing malware between 2024 and 2025 to infect user devices, aiming to steal browser sessions and account credentials.
Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign
A self-propagating worm has compromised more than 170 npm and PyPI packages, defeating provenance attestation and breaching OpenAI and Mistral AI. Here is wh...
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications...
Chinese hackers target telcos with new Linux, Windows malware
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBac...
Android Malware Spotted Subscribing Victims to Paid Services Without Consent
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.
TamperedChef Malware Hides in Signed Apps to Drop Stealers and RATs
A large-scale malware campaign dubbed “TamperedChef” is leveraging trojanized productivity applications such as PDF editors, calendar tools, and file convert...
Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
A large-scale phishing campaign leveraging fake event invitations is actively targeting U.S.
Mini Shai-Hulud Hits @antv npm Packages, Targets CI/CD Secrets
An Active and sophisticated supply chain attack targeting the widely used @antv npm ecosystem, where a threat actor compromised a maintainer account and push...
P2PInfect Botnet Targets Kubernetes via Exposed Redis
A persistent P2Pinfect botnet campaign targeting Google Kubernetes Engine (GKE) clusters through exposed Redis instances, highlighting how a single cloud mis...
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
The Ukrainian cyberpolice, working in conjunction with U.S.
New Mini Shai-Hulud attack targets npm ecosystem
Mini Shai-Hulud campaign hits 323 npm packages, GitHub Actions and VS Code tools.
Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users
Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services
Webworm APT targets European government organizations with new backdoors
ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, t...
Microsoft DurableTask Python Client Targeted in TeamPCP Cyberattack
The ongoing TeamPCP software supply chain campaign has compromised the official Microsoft DurableTask Python client, a widely used package for orchestrating ...
SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain
A newly disclosed macOS infostealer campaign is exploiting user trust in some of the biggest names in tech to slip past defenses. Researchers at SentinelOne ...
Fake Tax Assessment Pages Spread Windows Malware
Hackers are actively targeting Windows users with fake Indian Income Tax assessment pages in a campaign tracked as TAX#TRIDENT. The campaign begins with frau...
Microsoft Self-Service Password Reset abused in Azure data theft attacks
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration fe...
Microsoft dismantled malware-signing network Fox Tempest
Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said...