UnsolicitedBooker, a China-aligned threat actor active since at least March 2023, has deployed two distinct backdoors, LuciDoor...
malware
Financially motivated threat operation GrayCharlie, which overlaps with SmartApeSG, has leveraged compromised WordPress sites belonging to U.S....
Organizations in Western and Central Europe have been targeted by Russian state-backed threat operation APT28 with webhook-based...
Threat actor focuses on identity-based attacks followed by a ransomware drop.
The attack begins with seemingly ordinary emails disguised as payment requests, business queries, or signed bank documents.
Operation Olalampo, observed starting January 26, 2026, utilizes phishing emails containing malicious Microsoft Office documents that execute...
A new npm supply chain attack injects a malicious MCP server and targets LLM API keys.
Widely exploited Remcos RAT malware has gained a new variant integrating real-time surveillance and keystroke transmission capabilities,...
Google Gemini has been weaponized by the novel PromptSpy malware to ensure persistence in targeted devices, marking...