Phishing attackers employed an HTML smuggling technique to deliver a malicious payload, as the attack chain started with a phishing…
The LummaC2 obfuscator employs a novel control flow protection scheme designed specifically for its stealer component, which is part of…
Researchers identified an attack campaign targeting poorly secured Linux SSH servers, where the attack leverages Supershell, a cross-platform reverse shell…
Two campaigns targeting Selenium Grid's default lack of authentication are underway, as threat actors are exploiting this vulnerability to deploy…
CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that…
CAMO, or Commercial Applications, Malicious Operations, highlights attackers' increasing reliance on legitimate IT tools to bypass security defenses, which can…
Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus, have repeatedly employed a modified version of the open-source network…
In August 2024, researchers detected a malicious Google Chrome browser infection that led to the distribution of LummaC2 stealer malware…
Emansrepo, a Python infostealer, is distributed via phishing emails containing fake purchase orders and invoices, where the attacker initially sent…
Secure elements consist mainly of tiny microcontrollers, which provide service by generating and storing secrets and performing cryptographic operations. Thomas…