Cybersecurity

Malicious actors are creating a "fake reputation economy" by using coordinated reviews, social media buzz, and paid news articles to promote malware.The goal is...

Attackers can maintain access after C2 takedowns by installing separate persistence tools like OpenSSH and VPN software.A junior hacker used free-tier services and a...

Fifteen malicious plugins on the JetBrains Marketplace have been stealing AI provider API keys in a campaign active since October 2025.Two of the fraudulent...

A new Android banking trojan named Rokarolla targets 217 banking and cryptocurrency applications.It uses sophisticated overlay attacks and 137 remote commands to gain near-total...

North Korean hacking group ScarCruft (APT37) is using spear-phishing emails disguised as Microsoft security alerts to deploy a new malware called NarwhalRAT.The Python-based malware...

A China-linked espionage group, UNC6508, secretly infiltrated North American research networks for over a year.The attackers used a backdoor called INFINITERED to compromise REDCap...

A one-click exploit called SearchLeak could exfiltrate emails, calendar details, and indexed files from Microsoft 365 Copilot Enterprise Search.The attack chained three bugs: a...

A cluster of 152 Google Chrome extensions has been discovered distributing a potentially unwanted program (PUP) and committing attribution fraud.The extensions, which act as...