Cybersecurity researchers at Bitdefender have detected a sinister new twist in the evolving world of Android malware. They have uncovered a broader malvertising campaign on Meta platforms that now targets Android users worldwide, leveraging sophisticated impersonation and advanced malware trojans to
Microsoft Threat Intelligence observes that a financially motivated cyber-threat actor, tracked as Storm-0501, has shifted its techniques to better exploit cloud environments. Previously known for hybrid on-premises attacks, the threat actor now prioritizes cloud-native ransomware strategies to spee
APT36, also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major, is a Pakistan-linked cyber-espionage group that has spent more than a decade targeting Indian government, military, and diplomatic institutions. In August 2025, cybersecurity researchers from two security
Since at least 2021, a powerful Mirai-based threat known as Rapper Bot, also known as Eleven Eleven or CowBot, has quietly targeted millions of internet-connected devices worldwide. Recently, a coordinated law enforcement action dismantled the operation and brought charges against its alleged admini
Security researchers at Trend Micro recently uncovered a sophisticated ransomware operation deploying a variant tracked as Crypto24. The group executes highly coordinated, multi-stage attacks that blend legitimate system administration tools with custom malware to evade detection systems and comprom
According to a new report published by ESET, WinRAR, a popular file-archiving utility, recently revealed a serious zero-day vulnerability that allowed attackers to infect computers with malware through seemingly harmless archives. Security researchers uncovered the active exploitation of this flaw b
In mid‑2025, cybersecurity teams observed two sophisticated campaigns delivering Akira ransomware through distinctly different techniques. One involved misused Windows drivers following SonicWall VPN compromises; the other leveraged poisoned search results, leading to malware-laden IT tools being dr
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Sandia National Laboratories released Thorium as an open‑source forensic analysis platform on July 31, 2025. The platform supports government, critical infrastructure, and private‑sector teams. According to officials, Thorium auto
Cisco Talos Incident Response recently uncovered a ransomware-as-a-service (RaaS) operation called "Chaos." This group specializes in attacking large organizations, stealing data, and demanding a ransom. It often threatens to leak victim data if the ransom goes unpaid, otherwise known as the double
On July 19, 2025, Microsoft's Security Response Center warned that multiple nation-state threat actors are actively exploiting two serious vulnerabilities in on-premises SharePoint servers. These flaws, namely CVE-2025-49706, a spoofing vulnerability, and CVE-2025-49704, a remote code execution issu