threat intelligence Archives • Page 8 of 13 • Daily CyberSecurity

From Chat App to Dark Web: How Telegram Became the New Hub for Cybercrime CVE-2024-22394

From Chat App to Dark Web: How Telegram Became the New Hub for Cybercrime

Do Son March 3, 2026

For millions of people around the world, Telegram is a secure and convenient way to chat with...

The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing GTFire Phishing Campaign Google Firebase Abuse

GTFire Phishing Campaign Google Firebase Abuse

The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing

Do Son March 2, 2026

Modern cybercriminals are evolving, increasingly hiding their malicious activities within the very legitimate cloud services that businesses...

Massive SonicWall Reconnaissance Campaign Signals Imminent Ransomware Strikes SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

Massive SonicWall Reconnaissance Campaign Signals Imminent Ransomware Strikes

Do Son February 28, 2026

Between February 22 and February 25, 2026, threat intelligence firm GreyNoise detected a highly coordinated reconnaissance campaign...

North Korea’s Lazarus Group Deploys Medusa Ransomware Against U.S. Healthcare SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

North Korea’s Lazarus Group Deploys Medusa Ransomware Against U.S. Healthcare

Do Son February 26, 2026

A disturbing shift in nation-state cyber tactics has been uncovered as North Korean state-backed attackers integrate Medusa...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Stealth & Persistence: MuddyWater’s New Rust-Based Payload Mimics Cloudflare and Reddit

Do Son February 25, 2026

While financially motivated cybercrime often dominates the headlines, state-sponsored espionage operates quietly in the background, prioritizing stealth...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Machine-Speed Intrusions: How One Hacker Used DeepSeek and Claude to Scale a Global Campaign

Do Son February 24, 2026

A report by threat researcher @goyaramen reveals a sophisticated software pipeline that embeds Large Language Models (LLMs)...

Silver Fox APT Unleashes ‘Winos 4.0’ Malware via BYOVD Attacks Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Silver Fox APT Unleashes ‘Winos 4.0’ Malware via BYOVD Attacks

Do Son February 24, 2026

According to a new threat intelligence report, a highly organized Advanced Persistent Threat (APT) group has launched...

Hackers Weaponize Facebook Ads with Fake Windows 11 Updates Fake Windows 11 Ads Info-Stealing Malware

Hackers Weaponize Facebook Ads with Fake Windows 11 Updates

Do Son February 24, 2026

Cybercriminals are leveraging the trust users place in their social media feeds to distribute stealthy information-stealing malware....

The ‘Human Verification’ Trap: ClickFix Campaign Hijacks Trusted Sites to Deploy MIMICRAT MIMICRAT Malware ClickFix Campaign

The ‘Human Verification’ Trap: ClickFix Campaign Hijacks Trusted Sites to Deploy MIMICRAT

Do Son February 24, 2026

Security researchers are sounding the alarm over a highly sophisticated malware campaign that weaponizes human helpfulness to...

Hackers Exploit Critical BeyondTrust Flaw to Deploy VShell and SparkRAT Across Multiple Sectors BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

Hackers Exploit Critical BeyondTrust Flaw to Deploy VShell and SparkRAT Across Multiple Sectors

Do Son February 23, 2026

A critical security flaw in a widely used enterprise access platform is under active attack, prompting urgent...

The Invisible Backdoor: AI Exposes Malicious OAuth Apps Hiding in Microsoft Entra ID Malicious OAuth Apps Entra ID Homoglyph Attack

The Invisible Backdoor: AI Exposes Malicious OAuth Apps Hiding in Microsoft Entra ID

Do Son February 23, 2026

The integration of third-party applications into corporate environments has become the lifeblood of modern productivity, but it...

The Startup Stealer: How AI and Discord Powered the Arkanix MaaS Operation Arkanix Stealer Malware-as-a-Service (MaaS)

The Startup Stealer: How AI and Discord Powered the Arkanix MaaS Operation

Do Son February 23, 2026

The cybercrime underground is increasingly mirroring the legitimate tech industry, adopting customer-centric marketing, tiered subscriptions, and even...

Cash Out: FBI Warns of $20M ATM ‘Jackpotting’ Surge Driven by Ploutus Malware ATM Jackpotting Ploutus Malware

Cash Out: FBI Warns of $20M ATM ‘Jackpotting’ Surge Driven by Ploutus Malware

Do Son February 23, 2026

The Federal Bureau of Investigation (FBI) has issued an urgent FLASH report warning financial institutions of a...

Infoblox Exposes Hybrid Malvertising & “Pig Butchering” Scam Hybrid Crypto Scam Pig Butchering Malvertising

Infoblox Exposes Hybrid Malvertising & “Pig Butchering” Scam

Do Son February 20, 2026

Cybercriminals are continuously evolving their tactics to maximize profits, and a new hybrid scam has emerged on...

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Live from Your Webcam: Remcos RAT Evolves into a Real-Time Surveillance Nightmare

Do Son February 19, 2026

Remcos, once a commercial remote management tool turned notorious Remote Access Trojan (RAT), has received an upgrade....

Unmasking the Proxy: Silent Push “Traffic Origin” Exposes True Actor Locations Residential Proxy Detection

Unmasking the Proxy: Silent Push “Traffic Origin” Exposes True Actor Locations

Do Son February 11, 2026

A new report by Silent Push reveals how advanced traffic analysis can strip away the digital masks...

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux ShadowHS Malware Linux Fileless Intrusion

Invisible Intruder: “ShadowHS” Malware Weaponizes Hackshell on Linux

Do Son February 4, 2026

Cyble Research & Intelligence Labs (CRIL) has uncovered a sophisticated Linux intrusion chain dubbed ShadowHS, a campaign...

The Soviet Ghost: How Carding Markets Survive on Legacy Domains BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

The Soviet Ghost: How Carding Markets Survive on Legacy Domains

Do Son January 12, 2026

A new analysis by Team Cymru researchers has shed light on the physical and digital infrastructure powering...

BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector BlueDelta Espionage Credential Harvesting

BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector

Do Son January 9, 2026

A notorious Russian state-sponsored hacking group has evolved its digital espionage toolkit, launching a sophisticated wave of...

Microsoft Warns of Surge in Internal Domain Spoofing Internal Phishing Attacks Tycoon2FA

Microsoft Warns of Surge in Internal Domain Spoofing

Do Son January 7, 2026

A wave of sophisticated phishing attacks is hitting organizations by exploiting a classic weakness: the trust users...

Critical Alert 1 Active Exploit Detected Today