In late 2025, cybersecurity researchers began sounding alarm bells over a new threat in the cybercrime landscape named the Kimwolf botnet, an Android-based malware network that has swiftly ballooned into one of the largest active botnets observed over the last few months. Often described as an Andr
In late 2025 and early 2026, Trust Wallet confirmed that its Chrome browser extension played a central role in a devastating series of supply chain attacks. Trust Wallet is one of the world's most widely used noncustodial cryptocurrency wallets. These attacks were tied to Shai-Hulud, a sophisticated
In December 2025, cybersecurity researchers observed a significant increase in the RansomHouse ransomware-as-a-service (RaaS) toolset. This signals a concerning trend in adversary capabilities. RansomHouse operators enhanced their encryption engine with a new variant called "Mario." It replaced an
A new account takeover method called GhostPairing is now targeting WhatsApp. This exploitation doesn't use stolen passwords, SIM swapping, or zero-day vulnerabilities; instead, it manipulates WhatsApp's device linking feature through advanced social engineering, covertly granting attackers persisten
In early December 2025, the cybersecurity community was rocked by the public disclosure of a critical, easily exploitable vulnerability in React Server Components (RSC). RSC is the backbone of many modern web applications. Assigned CVE-2025-55182, and quickly nicknamed React2Shell, this vulnerabilit
Over the past year, security researchers have spotlighted a growing menace in the ransomware ecosystem: a packer-as-a-service known as Shanya. The rise of Shanya shows how modern attackers outsource core workflow parts. They now rely on services for obfuscation and endpoint detection and response (E
The discovery of a malware campaign called Shai-Hulud 2.0 has drawn widespread attention across the cybersecurity world, not only because it affected a large number of people, but also due to its unusual spread. Although the name sounds like something from science fiction, the threat remains very r
Glassworm has reappeared in a third wave. Researchers have spotted dozens of newly published Visual Studio Code–compatible extensions. These extensions again carry a suite of clandestine, developer-focused malware behaviors. The most recent activity was discovered in late November and reported on De
The recent cyberattack on the OnSolve CodeRED system has shocked public safety agencies across the United States, revealing the deep vulnerability of critical emergency-alert infrastructure. The incident was claimed by the INC Ransomware gang, a relatively new, but increasingly active, ransomware-as
The phishing threat landscape continues to evolve rapidly, and recent developments highlight how attackers are combining professional cybercrime platforms with realistic visual deception techniques to bypass user confidence and technical controls. A notable example is the recent evolution of the Sne