Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Security vendors have spent years building up defenses around the endpoint, but one researcher says AI coding tools have brought the walls down.
Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing
Ghost npm campaign fakes install logs to steal sudo passwords and drop RATs that loot crypto and data
Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for his role in Yanluowang ransomware
A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.
New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
The UK’s financial regulator has issued new rules to make incident and third-party reporting clearer
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data
Tracking pixels let social media companies spy on their users even after they click over to advertiser sites, gleaning credit card info, geolocations, and more, according to an analysis.
Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.
Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.
Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.
Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.
The FBI wants to hear from gamers who have downloaded Steam titles containing malware