Cybercriminals have increasingly weaponized trust: instead of exploiting zero-day flaws, they trick users into installing malicious software that impersonates legitimate apps. In a large-scale campaign observed by Malwarebytes in 2025, threat actors published convincing GitHub pages that posed as do
FileFix's latest evolutions show how a clever user-interaction trick plus a dusting of steganography can turn familiar OS features into a stealthy malware-delivery pipeline. Security researchers observed an active campaign that hides a second-stage PowerShell script and encrypted payloads inside see
On 12 September 2025, the U.S. Federal Bureau of Investigation (FBI) issued a FLASH Advisory, FLASH‐20250912, describing two cyber criminal threat clusters, UNC6040 and UNC6395, that have compromised Salesforce environments to steal data and extort companies. The advisory provides indicators o
In early September 2025, Panama's Ministry of Economy and Finance (MEF) disclosed that it had suffered a cyberattack. The disclosure came after the INC ransomware group claimed responsibility for breaching the ministry's systems. According to the MEF's official statement, the incident involved only
Since the public disclosure of the "s1ngularity" incident on August 26, 2025, the Wiz Research team has investigated the attack and developed a mitigation response for affected organizations. These approximately 2180 organizations had GitHub accounts compromised. With the immediate threat now subsid
With the release of Hexstrike-AI, a framework that combines large language models (LLMs) and Artificial Intelligence (AI) models with automated hacking tools, the security experts at Checkpoint warn that the line between defensive tools and offensive weapons is vanishing, and Hexstrike-AI is quickly
Cybersecurity researchers at Bitdefender have detected a sinister new twist in the evolving world of Android malware. They have uncovered a broader malvertising campaign on Meta platforms that now targets Android users worldwide, leveraging sophisticated impersonation and advanced malware trojans to
Microsoft Threat Intelligence observes that a financially motivated cyber-threat actor, tracked as Storm-0501, has shifted its techniques to better exploit cloud environments. Previously known for hybrid on-premises attacks, the threat actor now prioritizes cloud-native ransomware strategies to spee
APT36, also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major, is a Pakistan-linked cyber-espionage group that has spent more than a decade targeting Indian government, military, and diplomatic institutions. In August 2025, cybersecurity researchers from two security
Since at least 2021, a powerful Mirai-based threat known as Rapper Bot, also known as Eleven Eleven or CowBot, has quietly targeted millions of internet-connected devices worldwide. Recently, a coordinated law enforcement action dismantled the operation and brought charges against its alleged admini