Threats

Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details

Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details

Tushar Subhra Dutta February 25, 2026

Cybercriminals are frequently refining their techniques to exploit consumer trust, and a highly sophisticated phishing campaign has...

SURXRAT Android RAT Attacking Users Gain Complete Device-Control and Data Exfiltration

SURXRAT Android RAT Attacking Users Gain Complete Device-Control and Data Exfiltration

Tushar Subhra Dutta February 25, 2026

The mobile threat landscape is witnessing a significant shift toward professionalized cybercriminal operations, driven by the increasing...

OAuth Attacks in Entra ID Can Leverage ChatGPT to Compromise User Email Accounts

OAuth Attacks in Entra ID Can Leverage ChatGPT to Compromise User Email Accounts

Tushar Subhra Dutta February 25, 2026

Threat actors are always looking for new ways to abuse trusted platforms, and Microsoft Entra ID is...

Microsoft Warns of Hackers Attacking Developers with Malicious Next.js Repositories

Microsoft Warns of Hackers Attacking Developers with Malicious Next.js Repositories

Tushar Subhra Dutta February 25, 2026

A coordinated attack campaign is actively targeting software developers through malicious repositories disguised as legitimate Next.js projects...

Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP Access and Deploy LockBit Ransomware Initial%20Access%20(Source%20-%20The%20DFIR%20Report).webp

Initial%20Access%20(Source%20-%20The%20DFIR%20Report).webp

Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP Access and Deploy LockBit Ransomware

Tushar Subhra Dutta February 25, 2026

A critical vulnerability in Apache ActiveMQ has been actively exploited by threat actors, leading to a full...

Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes CHATTY%20SPIDER%20starts%20to%20exfiltrate%20data%20in%20four%20minutes%20(Source%20-%20Crowdstrike).webp

CHATTY%20SPIDER%20starts%20to%20exfiltrate%20data%20in%20four%20minutes%20(Source%20-%20Crowdstrike).webp

Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes

Tushar Subhra Dutta February 24, 2026

In 2025, threat actors turned widely used artificial intelligence tools into weapons for launching fast, precise network...

Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials VirusTotal%20analysis%20showing%20only%201%20of%2072%20security%20vendors%20detecting%20NCrypt.dll,%20highlighting%20the%20challenges%20of%20detecting%20heavily%20obfuscated%20.NET%20malware%20(Source%20-%20Socket.dev).webp

VirusTotal%20analysis%20showing%20only%201%20of%2072%20security%20vendors%20detecting%20NCrypt.dll,%20highlighting%20the%20challenges%20of%20detecting%20heavily%20obfuscated%20.NET%20malware%20(Source%20-%20Socket.dev).webp

Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials

Tushar Subhra Dutta February 24, 2026

A supply chain attack targeting ASP.NET developers has surfaced, involving four malicious NuGet packages built to steal...

Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection GPT-4o%20constantly%20reminding%20the%20user%20to%20manually%20install%20the%20malicious%20

GPT-4o%20constantly%20reminding%20the%20user%20to%20manually%20install%20the%20malicious%20

Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection

Tushar Subhra Dutta February 24, 2026

Atomic macOS Stealer (AMOS), a well-known data-theft malware, has taken a sharp turn in how it reaches...

Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads package.json%20(Source%20-%20Veracode).webp

package.json%20(Source%20-%20Veracode).webp

Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads

Tushar Subhra Dutta February 24, 2026

A malicious NPM package named buildrunner-dev has been caught hiding .NET malware inside innocent-looking PNG images, using steganography to...

Fake Huorong Download Site Used to Deploy ValleyRAT Backdoor in Targeted Malware Campaign Fake%20Huorong%20Security%20site%20(Source%20-%20Malwarebytes).webp

Fake%20Huorong%20Security%20site%20(Source%20-%20Malwarebytes).webp

Fake Huorong Download Site Used to Deploy ValleyRAT Backdoor in Targeted Malware Campaign

Tushar Subhra Dutta February 24, 2026

A group of attackers has built a fake version of the Huorong Security antivirus website to trick...

error: Content is protected !!