Fake Windows and Office Activation Videos Spread Infostealers on TikTok and Instagram
Short-form video platforms such as TikTok and Instagram Reels have become an increasingly effective vector for distributing infostealers, as threat actors le...
20 articles
Short-form video platforms such as TikTok and Instagram Reels have become an increasingly effective vector for distributing infostealers, as threat actors le...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive, BOD 26-04, mandating that federal civilian agenci...
Recent disclosure of the “Solana FakeFix” campaign exposes a coordinated supply-chain attack that abused package registries to steal developer secrets.
A newly disclosed zero-day vulnerability in Oracle PeopleSoft is being actively exploited by the ShinyHunters threat group, according to a joint investigatio...
OceanLotus APT has executed a precision supply‑chain operation that implanted its SPECTRALVIPER backdoor into FireAnt MetaKit, a popular Vietnamese market‑da...
GoFlateLoader, a widespread Golang loader that has become a go-to delivery mechanism for multiple infostealers including Lumma, Vidar, StealC, Amatera and Re...
A newly disclosed zero-day vulnerability dubbed “GreatXML” is raising serious concerns across the Windows security ecosystem, as it enables a practical BitLo...
Attackers have begun actively exploiting a high-severity vulnerability in Langflow, tracked as CVE-2026-5027, which enables remote code execution via a path ...
A wave of phishing campaigns across the Middle East and North Africa exposes a sophisticated, centralized fraud ecosystem operating under the SniperDz banner.
GitHub has announced a major security-focused overhaul of npm with the upcoming release of npm v12, introducing stricter default controls designed to mitigat...
A recent surge in macOS-targeted campaigns shows threat actors favoring weaponized disk images (.dmg) as the primary delivery mechanism for infostealer malware.
A new Golang-based backdoor dubbed BLUERABBIT has been observed performing combined data theft, file encryption and destructive disk wiping against Windows h...
The impact of residential proxies across our customer base by compiling billions of DNS resolutions and the associated network telemetry. The Kimwolf Botnet ...
Chinese-language “guarantee” marketplaces hosted mainly on Telegram have become a core conduit for buying, selling, and laundering stolen credentials and a w...
Two closely related espionage campaigns targeting Cambodian government organizations that abuse a legitimate VMware-signed binary to sideload a custom loader...
Threat actors increasingly abuse Amazon Web Services (AWS) CloudTrail and Google Cloud Logging to evade detection, poison or exfiltrate logs, and in some cas...
GitLab has released security updates for GitLab CE/EE and EE that patch multiple vulnerabilities, including several high‑impact flaws that could lead to acco...
A significant resurgence of the JDY botnet, a covert reconnaissance network tied to China-nexus threat activity.
A proof-of-concept (PoC) exploit has been publicly released for a critical Linux kernel vulnerability, tracked as CVE-2026-46316, enabling guest-to-host esca...
Ivanti Sentry is facing active exploitation attempts following the public release of proof-of-concept (PoC) code targeting a critical OS command injection vu...