The emergence of VoidStealer marks a significant evolution in the infostealer malware landscape. It demonstrates how quickly threat actors adapt to defensive innovations. By using a novel debugger-based technique to bypass Google Chrome's Application-Bound Encryption (ABE), VoidStealer highlights th
A newly uncovered iOS exploitation framework called DarkSword is reshaping the mobile threat landscape. It signals a shift from targeted espionage tools to scalable, multipurpose attack infrastructure. Joint research from Google Threat Intelligence Group (GTIG) and Lookout shows how advanced exploit
A financially motivated threat actor is leveraging deceptive websites and weaponized software installers to steal corporate VPN credentials, underscoring the rising sophistication of social-engineering-based cyber intrusions. Security researchers recently uncovered a campaign in which attackers dis
Cybercriminals continue to refine mobile malware campaigns by blending social engineering, financial fraud, and covert resource exploitation into a single attack chain. A newly identified Android malware strain, BeatBanker, demonstrates this evolution by combining banking Trojan capabilities, crypto
Cybercriminals are increasingly exploiting the popularity of AI development tools to distribute malware through sophisticated social engineering campaigns. Security researchers recently uncovered a new attack technique, InstallFix, that leverages fake installation guides for popular command-line too
A coordinated international law enforcement effort has delivered a significant blow to the cybercrime ecosystem. Authorities from the United States, Europe, and multiple partner nations recently dismantled the major hacker forum LeakBase. They also disrupted Tycoon2FA, one of the world's largest phi
APT37 is again making headlines, where previously the North Korean-linked state-sponsored group was linked with deploying data wipers; now they're breaching air-gapped networks. Also tracked under aliases such as ScarCruft, Reaper, Red Eyes, and Ricochet Chollima, this actor has long been associated
In February 2026, researchers revealed a coordinated campaign that targeted software developers through fake job interview projects, demonstrating how threat actors increasingly weaponize trust within development workflows. This is yet another example of threat actors targeting developers specifical
In 2025 and early 2026, law enforcement and cybersecurity agencies in the United States have sounded repeated alarms over the rise of sophisticated ATM "jackpotting" attacks, incidents in which threat actors use malware and physical access to force automated teller machines to dispense cash illegall
In a landmark escalation of the fight against online piracy in Spain, a Spanish commercial court has granted precautionary measures requiring NordVPN and Proton VPN to block access to websites identified as illegally streaming LaLiga matches within Spain. The decision, issued on February 17, 2026, u