New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

A hardware fault injection attack results in the first Xbox One boot ROM-level compromise after 12 years.

A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. Tracked as TA4922, the threat actor is ...

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...

Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one ...

X.Org Server vulnerability patch released June 2 fixes nine flaws — eight found by TrendAI’s FENRIR static analysis tool, the fourth AI-assisted batch this year. Versions xorg-server 21.1.23 and ...

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

Abstract: Detecting attacks disguised by evasion techniques is a challenge for signature-based Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs). This study examines five ...