In November 2025, researchers publicly disclosed a previously unknown Android spyware family, now called Landfall. The security team at Unit 42 (part of Palo Alto Networks) described it in a blog post as "new commercial-grade Android spyware in an exploit chain targeting Samsung devices." The
In a striking demonstration of how cyber-threats adapt to emerging technologies, Microsoft's Incident Response team has uncovered a sophisticated new malware known as SesameOp, which uniquely exploits the OpenAI Assistants API for command-and-control (C2) operations. This discovery marks one of the
The emergence of the Atroposia malware marks another significant step forward in the evolution of cyber threats. Where earlier remote-access trojans (RATs) focused on giving attackers control over compromised computers, Atroposia takes it a step further by combining that control with active intellig
In recent quarters, ransomware threat actors have faced a steep drop in profits as an increasing number of victims refuse to pay. This decline has prompted cybercriminals to reassess their tactics and explore alternative avenues to regain leverage. Ransomware payment rates have sunk to record
In 2025, cybersecurity researchers uncovered a new and unusual scam from a Russian hacking group known as ColdRiver. The group, also known as Star Blizzard or the Callisto Group, had discovered a way to exploit one of the Internet's most familiar security tools, the "I am not a robot" CAPTCHA, and t
A recent campaign demonstrates how modern malvertising, ads pointing to malicious websites, can use legitimate search channels to trick technically sophisticated users into installing powerful macOS information-stealing malware. Operators bought Google Ads that pointed to convincing fake download p
In October 2025, Microsoft revealed new research into a wave of cyberattacks it calls "Payroll Pirate", in an attack campaign targeting university employees across the United States. The attackers behind it are not after student data or research secrets. Instead, they aim to redirect staff paychecks
ClayRat, a newly discovered Android spyware family, has emerged as a sophisticated and rapidly proliferating threat that researchers say primarily targets Russian-speaking users. Security analysts at Zimperium first cataloged the campaign and published detailed technical notes and indicators of comp
In September 2025, security researchers disclosed a critical vulnerability in Fortra's GoAnywhere Managed File Transfer (MFT) platform. Tracked as CVE-2025-10035, the flaw has rapidly become a favored target for ransomware actors, particularly those deploying Medusa ransomware. The vulnerability an
In late September 2025, a wave of extortion emails began arriving at executives and IT leaders of organizations running Oracle's E-Business Suite (EBS). The messages claimed that attackers had stolen sensitive enterprise data and demanded payment to prevent public disclosure. The emails surfaced on