Socket’s Threat Research Team has discovered that at least 10 malicious packages were published to npm from...
malware
Wiz Research has uncovered a persistent and evolving cryptojacking operation known as “Soco404,” a campaign that exploits...
In its latest threat intelligence report, CYFIRMA has detailed the discovery of EdskManager RAT, a sophisticated remote...
Akamai has confirmed the first observed abuse of Microsoft’s UI Automation (UIA) framework by malware in the...
If you are an Arch Linux user and have installed Mozilla Firefox, LibreWolf, or Zen Web from...
The Lumma Stealer malware suffered a massive takedown in May 2025, with over 2,300 malicious domains seized....
The once Craft CMS-focused threat actor known as Mimo—or Mimo’lette—has resurfaced with new vigor, broadening its scope...
ACRStealer—recently rebranded as AmateraStealer—has emerged as one of the most sophisticated infostealers in the wild, marked by...
A financially motivated threat group now known as Greedy Sponge has reemerged with a revamped campaign targeting...
FortiGuard Labs uncovered a ransomware variant. Dubbed NailaoLocker, this malware isn’t just another file-encrypting threat. It brings...
JPCERT/CC has released a detailed technical report shedding light on a sustained and sophisticated malware campaign leveraging...
In a newly uncovered campaign, LAB52 — the intelligence team at S2 Group — has identified a...
eSentire’s Threat Response Unit (TRU) uncovered a sophisticated attack against a certified public accounting firm in the...
Matanbuchus, a well-known malware loader sold as Malware-as-a-Service (MaaS), has just leveled up. In its latest evolution—Matanbuchus...
The Seqrite Labs APT-Team has uncovered the latest espionage operations of UNG0002 (Unknown Group 0002), a stealthy...
A new report from Proofpoint Threat Research sheds light on a coordinated espionage campaign by multiple China-aligned...
In a newly uncovered software supply chain attack, threat actors have successfully deployed a backdoored version of...
Imperva researchers have uncovered a supply chain attack masquerading as a popular Python utility. The package in...
A deceptive and highly targeted phishing campaign has successfully compromised several popular npm packages, including eslint-config-prettier, eslint-plugin-prettier,...
In response to the escalating wave of cybersecurity threats, Google has filed a lawsuit against the operators...
A new investigation by the FortiCNAPP team, part of FortiGuard Labs, has revealed a disturbing evolution in...
Trellix’s threat intelligence team has uncovered a stealthy malware campaign aimed squarely at financial services institutions in...