A newly discovered Linux botnet, dubbed PumaBot, is actively targeting embedded Internet of Things (IoT) devices with remarkable stealth and technical sophistication.
Unlike traditional botnets that indiscriminately scan the internet, PumaBot executes targeted brute-force SSH attacks based on lists retrieved from its command-and-control (C2) infrastructure....
As remote work continues to proliferate in the post-pandemic world, collaboration tools like Zoom, Microsoft Teams, and WebEx have become integral to daily business operations.
However, this widespread adoption has also attracted cybercriminals, who are exploiting trust in these platforms through sophisticated phishing campaigns....
On May 21, 2025, a coordinated takedown operation by Europol, the FBI, Microsoft, and various public and private partners targeted the notorious Lumma infostealer a prevalent Malware-as-a-Service (MaaS) that has plagued organizations globally with credential theft.
The crackdown, initiated on May 15, saw law...
In March 2025, cybersecurity researchers at Genians Security Center (GSC) flagged a sophisticated spear phishing campaign orchestrated by the North Korea-linked threat actor APT37.
This operation, dubbed “Operation ToyBox Story,” marks a significant evolution in the group’s tactics: using fake academic conference invites and...
A sophisticated malware campaign, tracked as “Phantom Enigma,” has been discovered exploiting browser extension mechanisms in Google Chrome, Microsoft Edge, and Brave.
The objective is clear: stealthily exfiltrate sensitive authentication data, particularly targeting bank customers in Brazil.
Threat intelligence teams from Positive Technologies Security...
A sophisticated new Android banking Trojan, dubbed Crocodilus, has emerged on the global threat landscape, rapidly evolving its features and evasion techniques as it sweeps across Europe, South America, and beyond.
Initially spotted by Mobile Threat Intelligence (MTI) researchers in March 2025, Crocodilus has already...