The ransomware ecosystem has become increasingly specialized, and KongTuke sits at the center of that shift. Rather than conducting every stage of an attack themselves, many ransomware operators now rely on a network of affiliates, malware developers, and initial access brokers (IABs) to gain entry
Enterprise security teams have spent years hardening identity platforms, enforcing multifactor authentication, and strengthening endpoint security. Yet the latest compromise involving competitive intelligence platform Klue shows a different route into corporate environments: trusted third-party inte
Android banking malware has steadily evolved over the past decade. What once focused primarily on stealing banking credentials has transformed into sophisticated platforms capable of remotely controlling entire devices. The emergence of Rokarolla demonstrates just how far this evolution has progress
The compromise of more than 400 packages in the Arch User Repository (AUR) is one of the most significant, if not the most significant, Linux software supply chain incidents of 2026. More importantly, the campaign shows that threat actors increasingly target the trust relationships that underpin ope
The recent surge in supply chain-focused attacks and leaked malware tooling has underscored a structural shift in modern cybercrime: attackers are no longer relying solely on isolated exploits but are increasingly industrializing malware development and distribution through developer ecosystems. Ac
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly exploited SolarWinds Serv-U vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active targeting of organizations running vulnerable versions of the managed file transfer platform. The
The cybersecurity community has spent years warning that operational technology (OT) systems are among the most attractive targets for state-sponsored threat actors. Recent incidents involving fuel tank monitoring systems across the United States show that these concerns are no longer theoretical.
Cybercriminals have spent years refining techniques that exploit trust. They impersonate brands, abuse legitimate services, and manipulate search engines to display malicious content to unsuspecting users. The emergence of generative AI platforms has introduced another powerful trust mechanism into
The operators behind the SHub macOS infostealer have introduced a more sophisticated variant called "Reaper." This shows how macOS-focused malware keeps evolving, moving beyond basic credential theft into persistent, multi-stage compromise operations. The latest campaign blends social engineering,
The npm ecosystem is facing one of its most aggressive and technically sophisticated supply chain attacks to date. Over the past several months, security researchers have uncovered a sprawling malware campaign known as Shai-Hulud and its newer variant, Mini Shai-Hulud, which compromised hundreds of