Malware

SystemBC C2 Infrastructure Exposes Over 1,570 Victims Linked to The Gentlemen Ransomware Operation

Cybersecurity researchers have uncovered new evidence connecting a large-scale botnet to the rapidly growing ransomware group known as The Gentlemen. The discovery reveals that attackers are leveraging the SystemBC proxy malware to strengthen their operations and expand their reach globally. Large Botnet Discovered Through SystemBC Server A recent investigation by cybersecurity firm Check Point exposed […]


Mirai Variant Nexcorium Exploits CVE-2024-3721 to Take Over TBK DVRs for DDoS Botnet Operations

Cybersecurity researchers have uncovered a new wave of attacks where threat actors are exploiting vulnerabilities in TBK digital video recorders and outdated TP-Link routers to deploy a powerful Mirai-based botnet. The findings were reported by Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. Exploitation of TBK DVR Devices The attack specifically targets TBK DVR systems by abusing CVE-2024-3721,


Obsidian Plugin Exploitation Spreads PHANTOMPULSE RAT in Targeted Finance and Crypto Attacks

A newly identified cyber campaign has revealed how attackers are exploiting trusted software tools to infiltrate high-value targets. Security researchers have uncovered a sophisticated operation that abuses the popular note-taking application Obsidian to distribute a previously unknown remote access trojan called PHANTOMPULSE RAT. The attacks are primarily aimed at individuals working in financial services and cryptocurrency sectors, where


UAC-0247 Launches Data-Theft Malware Campaign Against Ukrainian Clinics and Government Entities

A newly uncovered cyber espionage operation has raised concerns after Ukraine’s national cybersecurity authority, Computer Emergency Response Team of Ukraine, revealed a coordinated malware campaign aimed at government institutions and healthcare facilities. The attacks primarily focus on clinics and emergency hospitals, with the objective of stealing highly sensitive data. Attack Timeline and Threat Actor Profile Security


n8n Webhooks Exploited Since October 2025 to Spread Malware Through Phishing Emails

Cybersecurity specialists have identified a significant vulnerability in how workflow automation platforms are being weaponized by criminal organizations. Since the latter part of 2025, malicious actors have systematically exploited n8n—a widely-used cloud-based process automation solution—to conduct elaborate phishing schemes and deploy harmful software. Researchers from Cisco’s threat intelligence division documented the concerning trend in a


Backdoored Smart Slider 3 Pro Update Delivered via Compromised Nextend Servers in Supply Chain Attack

A serious software supply chain attack has been uncovered involving the popular WordPress plugin Smart Slider 3, where attackers compromised the update infrastructure to distribute a malicious version containing a hidden backdoor. According to security researchers at Patchstack, the affected release is Smart Slider 3 Pro version 3.5.1.35. The plugin, widely used across more than 800,000 websites,


UAT-10362 Launches Spear-Phishing Campaigns Targeting Taiwanese NGOs with LucidRook Malware

A newly identified cyber threat cluster, UAT-10362, has been linked to targeted spear-phishing attacks aimed at organizations in Taiwan, including non-governmental organizations (NGOs) and academic institutions. The campaign deploys a previously unknown malware framework called LucidRook. Security researchers from Cisco Talos revealed that the operation was first detected in October 2025 and demonstrates a high


APT28 Launches PRISMEX Malware Campaign Targeting Ukraine and NATO Allies with Zero-Day Exploits

A new cyber espionage operation linked to Russia’s state-backed group APT28, also known as Forest Blizzard and Pawn Storm, has been uncovered targeting Ukraine and its allied nations. The campaign delivers a newly identified malware framework called PRISMEX through highly targeted spear-phishing attacks. Security researchers from Trend Micro revealed that the campaign has been active since at least


North Korea-Linked Hackers Distribute Over 1,700 Malicious Packages Across npm, PyPI, Go, and Rust Ecosystems

A large-scale software supply chain attack linked to North Korean threat actors has been uncovered, involving more than 1,700 malicious packages across multiple developer ecosystems, including npm, PyPI, Go, Rust, and Packagist. The campaign, tracked as Contagious Interview, demonstrates a coordinated effort to infiltrate developer environments by disguising malware as legitimate development tools.


Microsoft Warns of WhatsApp-Delivered VBS Malware Exploiting UAC Bypass on Windows

Microsoft has issued a warning about a newly discovered cyber campaign that uses WhatsApp to distribute malicious Visual Basic Script (VBS) files. The attack chain is designed to compromise Windows systems, establish persistence, and gain elevated privileges through stealth techniques. Attack Begins with Social Engineering The campaign, first observed in late February 2026, relies heavily on social engineering
