Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.
Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.
Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.
The FBI wants to hear from gamers who have downloaded Steam titles containing malware
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker
Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, have been compromised to infect visitors with infostealers, warn Rapid7 researchers
BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data
A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign
Malware campaign uses Ukrainian email service for credibility, deploying "BadPaw" to execute attacks
Chainalysis reveals a big surge in median ransomware payment size in 2025 despite overall drop in criminal revenue
UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation
Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks
A supply chain worm mimicking the Shai-Hulud malware, spread via malicious npm packages and targeting AI tools, has been identified by security researchers
Sophisticated Python malware uncovered in fraud probe shows obfuscation, disposable infrastructure
Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident
University of Mississippi Medical Center is still scrambling to respond to a ransomware attack last Thursday
A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET
Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments
OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages