Android Malware Spotted Subscribing Victims to Paid Services Without Consent
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.
20 articles
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.
A large-scale malware campaign dubbed “TamperedChef” is leveraging trojanized productivity applications such as PDF editors, calendar tools, and file convert...
A large-scale phishing campaign leveraging fake event invitations is actively targeting U.S.
An Active and sophisticated supply chain attack targeting the widely used @antv npm ecosystem, where a threat actor compromised a maintainer account and push...
A persistent P2Pinfect botnet campaign targeting Google Kubernetes Engine (GKE) clusters through exposed Redis instances, highlighting how a single cloud mis...
The Ukrainian cyberpolice, working in conjunction with U.S.
Mini Shai-Hulud campaign hits 323 npm packages, GitHub Actions and VS Code tools.
Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services
ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, t...
The ongoing TeamPCP software supply chain campaign has compromised the official Microsoft DurableTask Python client, a widely used package for orchestrating ...
A newly disclosed macOS infostealer campaign is exploiting user trust in some of the biggest names in tech to slip past defenses. Researchers at SentinelOne ...
Hackers are actively targeting Windows users with fake Indian Income Tax assessment pages in a campaign tracked as TAX#TRIDENT. The campaign begins with frau...
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration fe...
Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said...
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campa...
A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat p...
A large-scale international cybercrime operation led by INTERPOL has resulted in 201 arrests and the takedown of 53 malicious servers linked to phishing, mal...
The 13-country effort, named Operation Ramz, targeted cyber threats in the Middle East and North Africa region. The post 201 Arrested in Crackdown on Cybercr...
INTERPOL led Operation Ramz in MENA, resulting in 201 arrests and 382 suspects tied to cybercrime networks. INTERPOL coordinated Operation Ramz across the Mi...
Babel Street has launched Insights Investigator, a new agentic capability that puts tradecraft-trained AI agents at the front edge of investigative work whil...