SentinelOne's threat research team, led by Phil Stokes and Raffaele Sabato, has identified a sophisticated macOS malware campaign named NimDoor. This campaign, attributed to North Korean state-sponsored threat actors, specifically targets Web3 and cryptocurrency businesses. In a significant de
Qantas has confirmed a cyberattack that exposed the personal information of millions of customers. The breach originated not within the airline's own IT infrastructure but through a third-party platform used to support customer service operations. According to Qantas, the incident was detected and
Researchers have uncovered a sophisticated cyber-espionage campaign known as OneClik, which targets organizations in the energy, oil, and gas sectors. The attackers exploit Microsoft's ClickOnce deployment technology—a tool designed to streamline the installation and updating of Windows applications
The Anubis ransomware operation, which emerged in December 2024, represents a chilling evolution in cyber extortion techniques. Unlike conventional ransomware, which encrypts files for ransom, Anubis enhances its menace with a destructive "wipe mode" feature. This dual functionality blurs the line b
The Federal Bureau of Investigation (FBI) has recently alerted the public about cyber criminals exploiting Internet of Things (IoT) devices connected to home networks through the BadBox 2.0 botnet. These criminals gain unauthorized access to home networks by compromising IoT devices such as TV strea
In May 2025, cybersecurity firm Darktrace identified a novel botnet named "PumaBot" targeting Internet of Things (IoT) surveillance devices. Unlike traditional botnets that scan the internet indiscriminately, PumaBot employs a more focused approach, retrieving specific targets from a command-and-con
According to a recent U.S. Office of Public Affairs announcement, in May 2025, a significant international cybersecurity operation successfully dismantled the Lumma Stealer malware network. This notorious information-stealing tool had compromised nearly 400,000 Windows computers worldwide in just tw
In a recent report published by cybersecurity firm GData, printer manufacturer Procolored inadvertently distributed malware-infected software through its official website for approximately six months. The compromised software downloads, hosted on Mega.nz and last updated in October 2024, included 39
Threat actors behind recent ransomware attacks targeting UK-based Marks & Spencer and Harrods are now targeting retailers in the United States, as Google Threat Intelligence Group reported. Speaking to Bleeping Computer, John Hultquist, Chief Analyst at Google Threat Intelligence Group, sa
According to security firm ZScaler, the popular information stealer and malware downloader StealC has received a massive upgrade in recent months and is currently tracked by multiple sources as Stealc_v2. StealC has been sold on underground hacking forums since January 2023. In March 2025, Ste