A previously unseen wiper malware dubbed “PathWiper” has been detected targeting Ukrainian critical infrastructure, Cisco Talos revealed this week.
The attackers leveraged a legitimate endpoint administration framework typically used for remote IT support, turning it into a devastating weapon to unleash destructive malware across the network....
A recent investigation by cybersecurity researchers has revealed a highly stealthy malware distribution campaign abusing the legitimate paste.ee service as a command-and-control (C&C) hub.
The attackers use advanced obfuscation techniques in JavaScript droppers to deliver powerful remote access trojans (RATs) like XWorm and AsyncRAT,...
Cybersecurity analysts have issued a stark warning to WordPress site owners after uncovering a sophisticated fake caching plugin, dubbed wp-runtime-cache, that silently exfiltrates admin credentials.
The malicious plugin, discovered during a routine malware scan, exploits WordPress’s plugin architecture and cleverly masks its presence, making detection...
Threat intelligence teams began tracking an evolution in the PowerShell-based ViperSoftX malware family, which has rapidly gained notoriety across underground forums and threat-hunting communities.
The latest samples uncovered in live campaigns and malware-sharing hubs demonstrate a decisive step forward in modularity, stealth, and persistence,...
As remote work continues to proliferate in the post-pandemic world, collaboration tools like Zoom, Microsoft Teams, and WebEx have become integral to daily business operations.
However, this widespread adoption has also attracted cybercriminals, who are exploiting trust in these platforms through sophisticated phishing campaigns....
On May 21, 2025, a coordinated takedown operation by Europol, the FBI, Microsoft, and various public and private partners targeted the notorious Lumma infostealer, a prevalent Malware-as-a-Service (MaaS) that has plagued organizations globally with credential theft.
The crackdown, initiated on May 15, saw law...