vSphere and BRICKSTORM Malware: A Defender's Guide
Written by: Stuart Carrera Introduction Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving ...
Malware
20 articles
Hooked on Linux: Rootkit Detection Engineering
In this second part of a two-part series, we explore Linux rootkit detection engineering, focusing on the limitations of static detection reliance, and the i...
New Venom Stealer MaaS Platform Automates Continuous Data Theft
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration
Alleged RedLine malware developer extradited to United States
A man has appeared in federal court in Austin, Texas, after being extradited to the United States to face charges related to his alleged role as a key develo...
Hackers Hijack Axios npm Package to Spread RATs
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn
Phantom Project Bundles Infostealer, Crypter and RAT For Sale
Phantom Stealer .
AI Threat Landscape Digest January-February 2026
KEY FINDINGS AI-assisted malware development has reached operational maturity.VoidLink framework, which is modular, professionally engineered, and fully func...
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secure...
Trivy Supply Chain Attack Expands With New Compromised Docker Images
New Trivy Docker images 0.69.
Financial Brands Targeted in Global Mobile Banking Malware Surge
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
Crypto Scam "ShieldGuard" Dismantled After Malware Discovery
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data
Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats
The Vidar 2.
2025 Identity Threat Landscape Report: Inside the Infostealer Economy: Credential Threats in 2025
Recorded Future's 2025 Identity Threat Landscape Report analyzes hundreds of millions of compromised credentials to reveal how infostealer malware is evolvin...
PixRevolution Malware Hijacks Brazil's PIX Transfers in Real Time
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
Iran Claims Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker
Proactive Preparation and Hardening Against Destructive Attacks: 2026 Edition
Written by: Matthew McWhirt, Bhavesh Dhake, Emilio Oropeza, Gautam Krishnan, Stuart Carrera, Greg Blaum, Michael Rudden UPDATE (March 13): Added guidance aro...
PromptSpy ushers in the era of Android threats using GenAI
ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper
Influencers in the crosshairs: How cybercriminals are targeting content creators
Social media influencers can provide reach and trust for scams and malware distribution. Robust account protection is key to stopping the fraudsters.
SnakeStealer: How it preys on personal data – and how you can protect yourself
Here’s what to know about the malware with an insatiable appetite for valuable data, so much so that it tops this year's infostealer detection charts