Tuesday, May 26, 2026
Malware

North Korean APT Group Leveraging Social Media for Targeted Malware Delivery Campaigns

A recent investigation into advanced persistent threat activity has revealed a sophisticated attack chain orchestrated by the North Korea-linked Kimsuky group. This operation, running for over two months in early 2025, targeted individuals involved with North Korean defector support, defense circles, and NGOs. The...

Hackers Persist In Using ConnectWise ScreenConnect To Deliver Malware

In the ever-evolving landscape of cyber threats, hackers have continued to exploit remote access tools to compromise organizations with alarming persistence. One particular tool, ConnectWise ScreenConnect, previously known as ConnectWise Control, has found itself increasingly at the center of sophisticated malware delivery campaigns targeting...

Vulnerability In DanaBot Malware C2 Server Reveals Threat Actor Usernames And Crypto Keys

A critical vulnerability in the command-and-control, or C2, infrastructure of the infamous DanaBot malware provided security analysts with an unprecedented opportunity to peer into the hidden operations of one of the world’s most persistent cybercriminal networks. Dubbed “DanaBleed” by researchers, this flaw existed in...

APT Group ‘Librarian Ghouls’ Launches Active Attacks on Organizations to Deploy Malware

A prominent advanced persistent threat (APT) group known as "Librarian Ghouls", also referenced in recent security bulletins as "Rare Werewolf" and "Rezet", has launched a wave of highly targeted cyberattacks against Russian and CIS-based organizations, as detailed in recent security research. As of May 2025,...

New Mirai Variant Exploits TBK DVR CVE-2024-3721 To Deploy Malware

Security researchers have recently uncovered a new wave of cyberattacks targeting TBK DVR devices through the exploitation of a critical vulnerability known as CVE-2024-3721. This campaign is being conducted by a variant of the infamous Mirai botnet, which has been adapted and repurposed by...

New Blitz Malware Targets Windows Servers to Spread Monera

Security researchers have identified an advanced Windows-based malware dubbed Blitz, which is being used to compromise servers and desktops for cryptocurrency mining and data exfiltration. Technical Analysis of the Blitz Malware Attack: Blitz's Two-Stage Architecture. Blitz is a modular malware that operates in two distinct phases: Stage 1:...