In December 2025, cybersecurity researchers observed a significant increase in the RansomHouse ransomware-as-a-service (RaaS) toolset. This signals a concerning trend in adversary capabilities. RansomHouse operators enhanced their encryption engine with a new variant called "Mario." It replaced an
A new account takeover method called GhostPairing is now targeting WhatsApp. This exploitation doesn't use stolen passwords, SIM swapping, or zero-day vulnerabilities; instead, it manipulates WhatsApp's device linking feature through advanced social engineering, covertly granting attackers persisten
In early December 2025, the cybersecurity community was rocked by the public disclosure of a critical, easily exploitable vulnerability in React Server Components (RSC). RSC is the backbone of many modern web applications. Assigned CVE-2025-55182, and quickly nicknamed React2Shell, this vulnerabilit
Over the past year, security researchers have spotlighted a growing menace in the ransomware ecosystem: a packer-as-a-service known as Shanya. The rise of Shanya shows how modern attackers outsource core workflow parts. They now rely on services for obfuscation and endpoint detection and response (E
The discovery of a malware campaign called Shai-Hulud 2.0 has drawn widespread attention across the cybersecurity world, not only because it affected a large number of people, but also due to its unusual spread. Although the name sounds like something from science fiction, the threat remains very r
Glassworm has reappeared in a third wave. Researchers have spotted dozens of newly published Visual Studio Code–compatible extensions. These extensions again carry a suite of clandestine, developer-focused malware behaviors. The most recent activity was discovered in late November and reported on De
The recent cyberattack on the OnSolve CodeRED system has shocked public safety agencies across the United States, revealing the deep vulnerability of critical emergency-alert infrastructure. The incident was claimed by the INC Ransomware gang, a relatively new, but increasingly active, ransomware-as
The phishing threat landscape continues to evolve rapidly, and recent developments highlight how attackers are combining professional cybercrime platforms with realistic visual deception techniques to bypass user confidence and technical controls. A notable example is the recent evolution of the Sne
In the rapidly evolving world of cybercrime, the Kraken ransomware group stands out for its sophisticated tactics. It benchmarks victim systems before encrypting data. This rare approach allows Kraken to adapt encryption dynamically, maximizing damage while lowering detection risk. Emerging in 2025,
After a six-month hiatus, DanaBot malware has reemerged, signaling the return of one of cybercrime's most adaptive threats. Once a banking trojan, DanaBot has evolved into a modular, multipurpose framework supporting espionage, data theft, and ransomware delivery. Moreover, its return also follows