DLL side-loading

Grandoreiro Banking Trojan Evades Defense via Lookalike Software TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Grandoreiro Banking Trojan Evades Defense via Lookalike Software

Do Son June 2, 2026

A highly dangerous threat vector is actively menacing global financial networks. Specifically, the notorious Grandoreiro banking trojan...

The Triple-Headed Dragon: Inside the Three-Cluster Chinese Cyberespionage Campaign Targeting SE Asia UNC5221 HAFNIUM Extradition PRC State Espionage

UNC5221 HAFNIUM Extradition PRC State Espionage

The Triple-Headed Dragon: Inside the Three-Cluster Chinese Cyberespionage Campaign Targeting SE Asia

Do Son April 2, 2026

A recent investigation by Unit 42 researchers has exposed a massive, persistent cyberespionage campaign targeting a high-value...

Inside the BRUSHWORM Malware Campaign Bridging Air-Gaps with USB “Sleeper” Cells Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Inside the BRUSHWORM Malware Campaign Bridging Air-Gaps with USB “Sleeper” Cells

Do Son April 2, 2026

A recent investigation by Elastic Security Labs has uncovered a targeted campaign against a South Asian financial...

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Do Son April 1, 2026

A trusted communication tool has been turned into a weapon of mass malware distribution. Check Point Research...

OAuth Hijack: Phishing Campaigns Weaponize Legitimate Redirection to Bypass Defenses OAuth Phishing Redirect URI Abuse

OAuth Phishing Redirect URI Abuse

OAuth Hijack: Phishing Campaigns Weaponize Legitimate Redirection to Bypass Defenses

Do Son March 4, 2026

Microsoft Defender researchers have exposed a series of sophisticated phishing campaigns that exploit the inherent trust in...

PlugX Evolves: New “Meeting Invitation” Phishing Campaign Leverages Trusted Security Software Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

PlugX Evolves: New “Meeting Invitation” Phishing Campaign Leverages Trusted Security Software

Do Son March 4, 2026

Cybersecurity researchers at LAB52 have released a detailed analysis of a new infection chain for the long-running...

The CAPTCHA Trap: How a Fake “ClickFix” Prompt Unleashed Latrodectus & Supper Malware ClickFix CAPTCHA Latrodectus Malware

ClickFix CAPTCHA Latrodectus Malware

The CAPTCHA Trap: How a Fake “ClickFix” Prompt Unleashed Latrodectus & Supper Malware

Do Son February 23, 2026

The simple act of verifying you are not a robot has been weaponized into a devastating corporate...

Trusted Tool Weaponized: Lotus Blossom Hijacks Notepad++ Updates

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Trusted Tool Weaponized: Lotus Blossom Hijacks Notepad++ Updates

Do Son February 16, 2026

A new report from Unit 42 has exposed a highly targeted supply chain attack that turned one...

Phantom in the Machine: Inside Salt Typhoon’s “SnappyBee” Backdoor axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Phantom in the Machine: Inside Salt Typhoon’s “SnappyBee” Backdoor

Do Son February 6, 2026

A new technical analysis by Darktrace has peeled back the layers of SnappyBee (also known as Deed...

Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy “Chrysalis” Lotus Blossom Chrysalis Notepad++ Compromise

Lotus Blossom Chrysalis Notepad++ Compromise

Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy “Chrysalis”

Do Son February 5, 2026

The notorious Chinese state-sponsored threat group Lotus Blossom has resurfaced with a dangerous new toolkit, compromising the...

India Tax Scam Alert: “SyncFuture” Campaign Installs Chinese Surveillance Tool SyncFuture Espionage India Tax Phishing

SyncFuture Espionage India Tax Phishing

India Tax Scam Alert: “SyncFuture” Campaign Installs Chinese Surveillance Tool

Do Son January 26, 2026

A new and sophisticated cyber threat emerged targeting residents of India, disguising a potent espionage operation as...

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware Proxyjacking Larva-25012

Proxyjacking Larva-25012

Bandwidth Bandits: Fake Notepad++ Installers Hide “Proxyjacking” Malware

Do Son January 22, 2026

A new wave of cyberattacks is targeting users looking for free software, turning their computers into unwilling...

PDFSIDER Discovered: New APT Malware Uses DLL Side-Loading to Evade Detection PDFSIDER Malware DLL Side-Loading

PDFSIDER Malware DLL Side-Loading

PDFSIDER Discovered: New APT Malware Uses DLL Side-Loading to Evade Detection

Do Son January 20, 2026

A new and sophisticated malware variant dubbed PDFSIDER has been unearthed by researchers at Resecurity, marking the...

Stealth Cryptominer Uses USB LNK and DLL Side-Loading to Deploy “Smart Mining” Evasion USB LNK Cryptominer, Smart Mining Evasion

USB LNK Cryptominer, Smart Mining Evasion

Stealth Cryptominer Uses USB LNK and DLL Side-Loading to Deploy “Smart Mining” Evasion

Do Son December 5, 2025

In an era dominated by cloud vulnerabilities and phishing emails, a classic threat vector has made a...

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2 APT28, GONEPOSTAL

APT28, GONEPOSTAL

GONEPOSTAL: New Outlook Backdoor by Russia’s APT28 Uses Email for C2

Do Son September 10, 2025

Kroll has identified a new espionage campaign attributed to Russia’s APT28 (Fancy Bear), involving a custom Outlook...

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros APT28, NotDoor

APT28, NotDoor

NotDoor: A New Backdoor by Russia’s APT28 Is Hiding in Microsoft Outlook Macros

Do Son September 5, 2025

The intelligence team at LAB52 (S2 Grupo) has uncovered a sophisticated new backdoor campaign attributed to APT28,...

IBM X-Force Exposes the Stealthy QuirkyLoader Malware Malware loader, QuirkyLoader

Malware loader, QuirkyLoader

IBM X-Force Exposes the Stealthy QuirkyLoader Malware

Do Son August 21, 2025

IBM X-Force researchers have identified a new loader malware, dubbed QuirkyLoader, that is being used to deliver...

Beyond AI Lures: Noodlophile Stealer Evolves with Stealthy Copyright Phishing Infostealer, Noodlophile

Infostealer, Noodlophile

Beyond AI Lures: Noodlophile Stealer Evolves with Stealthy Copyright Phishing

Do Son August 20, 2025

The Noodlophile Stealer, a malware family first exposed for distributing through fake AI video-generation platforms, has resurfaced...

NailaoLocker Ransomware: Chinese SM2 Crypto and Built-in Decryptor Raise Questions

NailaoLocker, SM2 Ransomware

NailaoLocker Ransomware: Chinese SM2 Crypto and Built-in Decryptor Raise Questions

Do Son July 22, 2025

FortiGuard Labs uncovered a ransomware variant. Dubbed NailaoLocker, this malware isn’t just another file-encrypting threat. It brings...

SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls SLOW#TEMPEST, Malware Obfuscation

SLOW#TEMPEST, Malware Obfuscation

SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls

Do Son July 14, 2025

In late 2024, security researchers from Unit 42 uncovered a sophisticated new variant of the malware associated...