Threat

Cybercriminals Abuse Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

A financially motivated threat cluster is systematically targeting trucking and logistics companies, weaponizing common Remote Monitoring and Management (RMM) software to infiltrate their networks. The ultimate goal of these attacks is to hijack freight operations and steal high-value physical cargo, particularly food and beverage products. The Campaign’s Objective: Cargo Theft via Digital Intrusion According to […]

Cybercriminals Abuse Remote Monitoring Tools to Infiltrate Logistics and Freight Networks Read More »

HttpTroy Backdoor Poses as VPN Invoice to Infiltrate South Korean Targets

The North Korea-aligned advanced persistent threat (APT) group Kimsuky has been discovered using a previously unknown backdoor, codenamed HttpTroy, in a highly targeted spear-phishing campaign. The attack, aimed at a single victim in South Korea, employed a sophisticated multi-stage infection chain disguised as a legitimate VPN invoice. The Deceptive Lure and Initial Compromise The attack began

HttpTroy Backdoor Poses as VPN Invoice to Infiltrate South Korean Targets Read More »

Russian Ransomware Groups Weaponize Open-Source AdaptixC2 for Advanced Attacks

A powerful open-source command-and-control (C2) framework named AdaptixC2 is rapidly being adopted by a wide range of cybercriminals, with strong links to Russian ransomware operations. This trend highlights the ongoing weaponization of legitimate security tools by threat actors to conduct more advanced and evasive attacks. What is AdaptixC2? AdaptixC2 is an emerging, extensible post-exploitation framework

Russian Ransomware Groups Weaponize Open-Source AdaptixC2 for Advanced Attacks Read More »

China-Linked Hackers Exploit Windows Shortcut Vulnerability to Target European Diplomats

A China-affiliated cyber espionage group, tracked as UNC6384, has been discovered conducting a sophisticated campaign targeting European diplomatic and government entities. The attacks, occurring between September and October 2025, exploit an unpatched Windows shortcut vulnerability to deploy the notorious PlugX remote access trojan on victim systems. Strategic Targeting of European Diplomacy According to a technical

China-Linked Hackers Exploit Windows Shortcut Vulnerability to Target European Diplomats Read More »

China-Linked Tick APT Exploits Lanscope Zero-Day to Compromise Corporate Networks

A sophisticated cyber espionage group known as Tick has been identified as the actor behind the exploitation of a critical, recently disclosed zero-day vulnerability in Motex Lanscope Endpoint Manager. This campaign, targeting specific sectors for intelligence gathering, demonstrates the continued threat posed by advanced persistent threats (APTs) to corporate network security. The Zero-Day Vulnerability: CVE-2025-61932

China-Linked Tick APT Exploits Lanscope Zero-Day to Compromise Corporate Networks Read More »

AI-Targeted Cloaking Attack Tricks Crawlers Into Citing False Information as Verified Facts

A novel cybersecurity threat is targeting the very foundation of agentic AI browsers, a development that could allow malicious actors to poison the information these systems retrieve and present as undeniable truth. This sophisticated “cloaking” technique exploits the trust AI models place in their web crawlers, creating a ripe opportunity for widespread misinformation and manipulation.

AI-Targeted Cloaking Attack Tricks Crawlers Into Citing False Information as Verified Facts Read More »

10 Malicious npm Packages Steal Developer Credentials Across Windows, macOS, and Linux

In a stark reminder of the vulnerabilities within open-source ecosystems, cybersecurity analysts have unearthed ten deceptive npm packages engineered to pilfer sensitive developer credentials. These packages, capable of operating on Windows, macOS, and Linux, employ sophisticated stealth techniques to avoid detection while harvesting a treasure trove of personal and corporate data. The Deceptive Packages and

10 Malicious npm Packages Steal Developer Credentials Across Windows, macOS, and Linux Read More »

Russian Hackers Target Ukrainian Organizations Using Stealthy, Living Off the Land Tactics

Russian threat actors have reportedly conducted a series of stealthy cyberattacks on organizations in Ukraine, aiming to steal confidential data and maintain persistent access to compromised networks.According to a recent joint report by Symantec and Carbon Black Threat Hunter Team, the attacks targeted a large business services company for two months and a local government

Russian Hackers Target Ukrainian Organizations Using Stealthy, Living Off the Land Tactics Read More »

TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A team of academic researchers from Georgia Tech, Purdue University, and Synkhronix has developed TEE.Fail, a practical side-channel method that can extract secrets from processor-based trusted execution environments, including Intel SGX, Intel TDX, AMD SEV-SNP, and Ciphertext Hiding. The technique uses inexpensive, off-the-shelf electronics to inspect DDR5 memory traffic, exposing weaknesses in current CPU TEE

TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves Read More »

New Android Trojan ‘Herodotus’ Evades Anti-Fraud Systems by Mimicking Human Typing Behavior

Security researchers have uncovered a new Android banking trojan, named Herodotus, which is being used in active campaigns targeting users in Italy and Brazil. The malware aims for device takeover, or DTO, and stands out because it deliberately mimics human typing patterns to evade timing-based, behaviour-only anti-fraud systems. What Herodotus is, and where it came

New Android Trojan ‘Herodotus’ Evades Anti-Fraud Systems by Mimicking Human Typing Behavior Read More »