The abuse of Axios was previously flagged by Proofpoint in January 2025, detailing campaigns utilizing HTTP clients to send ...

A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication ( NFC) relay ...

The attack chain essentially involves breaking into misconfigured Docker APIs to execute a new container based on the Alpine ...

MostereRAT phishing campaign targets Japanese users with advanced evasion tactics, disabling defenses and stealing data.

If you're a CISO or security leader, you've likely found yourself explaining why your program matters, why a given tool or ...

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

The identified infrastructure, totaling 45 domains, has also been identified as sharing some level of overlap with another ...

The development comes as HarfangLab linked a Belarus-aligned threat actor known as Ghostwriter (aka FrostyNeighbor or UNC1151 ...

This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed ...

Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...

While phishing is still a serious threat that continues to grow (especially with the increase in AI-driven attacks), it's a ...

GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.