The emergence of the Atroposia malware marks another significant step forward in the evolution of cyber threats. Where earlier remote-access trojans (RATs) focused on giving attackers control over compromised computers, Atroposia takes it a step further by combining that control with active intellig
In recent quarters, ransomware threat actors have faced a steep drop in profits as an increasing number of victims refuse to pay. This decline has prompted cybercriminals to reassess their tactics and explore alternative avenues to regain leverage. Ransomware payment rates have sunk to record
In 2025, cybersecurity researchers uncovered a new and unusual scam from a Russian hacking group known as ColdRiver. The group, also known as Star Blizzard or the Callisto Group, had discovered a way to exploit one of the Internet's most familiar security tools, the "I am not a robot" CAPTCHA, and t
A recent campaign demonstrates how modern malvertising, ads pointing to malicious websites, can use legitimate search channels to trick technically sophisticated users into installing powerful macOS information-stealing malware. Operators bought Google Ads that pointed to convincing fake download p
In October 2025, Microsoft revealed new research into a wave of cyberattacks it calls "Payroll Pirate", in an attack campaign targeting university employees across the United States. The attackers behind it are not after student data or research secrets. Instead, they aim to redirect staff paychecks
ClayRat, a newly discovered Android spyware family, has emerged as a sophisticated and rapidly proliferating threat that researchers say primarily targets Russian-speaking users. Security analysts at Zimperium first cataloged the campaign and published detailed technical notes and indicators of comp
In September 2025, security researchers disclosed a critical vulnerability in Fortra's GoAnywhere Managed File Transfer (MFT) platform. Tracked as CVE-2025-10035, the flaw has rapidly become a favored target for ransomware actors, particularly those deploying Medusa ransomware. The vulnerability an
In late September 2025, a wave of extortion emails began arriving at executives and IT leaders of organizations running Oracle's E-Business Suite (EBS). The messages claimed that attackers had stolen sensitive enterprise data and demanded payment to prevent public disclosure. The emails surfaced on
In recent months, cybersecurity researchers have raised concerns about a sophisticated and rapidly evolving Akira ransomware campaign targeting SonicWall SSL VPN appliances. The attackers have demonstrated an unsettling ability to bypass one-time password multifactor authentication (MFA), move later
Cybercriminals have increasingly weaponized trust: instead of exploiting zero-day flaws, they trick users into installing malicious software that impersonates legitimate apps. In a large-scale campaign observed by Malwarebytes in 2025, threat actors published convincing GitHub pages that posed as do