Cybersecurity researchers at Wiz have uncovered an active cryptomining campaign dubbed "Soco404" that exploits cloud infrastructure vulnerabilities to deploy platform-specific malware targeting both Linux and Windows systems.
The sophisticated operation uses fake 404 error pages hosted on Google Sites to conceal malicious payloads, demonstrating...
Threat actors are exploiting DNS infrastructure to hide malware and establish persistent command-and-control channels, turning the internet's foundational addressing system into an unwitting storage and delivery platform for malicious software.
The discovery, made through analysis of passively collected DNS records in...
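The summary above only says that the payloads were found by analysing passively collected DNS records. As an added illustration of what that analysis can look like (this is not code from the research write-up), the script below scans constructed passive-DNS TXT records for hex-encoded chunks whose leftmost label is a sequence number, reassembles them, and reports the file magic and entropy of the result. The numeric chunk labels, the hex encoding, the `payload.example.test` names and the `find_dns_staged_payloads` helper are all assumptions made for the example, not details taken from the campaign.

```python
"""Heuristic scan of passive-DNS TXT records for payloads staged in DNS.

Added example. The records below are constructed, and the staging scheme
(hex chunks under numerically labelled names such as 0.payload.example.test)
is an assumption about how a file could be split across TXT records.
"""
import math
import re
from collections import defaultdict

HEX_RE = re.compile(r"^[0-9a-fA-F]+$")

# Constructed passive-DNS rows: (rrname, rrtype, rdata). The first three are
# ordinary records that a naive "long TXT value" rule would flag.
SAMPLE_RECORDS = [
    ("www.example.test", "TXT", "v=spf1 include:_spf.example.test -all"),
    ("_acme-challenge.example.test", "TXT", "gfj9Xq-Pc7c1FNpbvPZ3uhE0s8nLt-2wA1lQ"),
    ("verify.example.test", "TXT", "3f6c0a9e7b1d4c2a8e5f0b6d9a3c1e7f"),  # single hex token
    ("0.payload.example.test", "TXT", "4d5a90000300000004000000ffff0000"),
    ("1.payload.example.test", "TXT", "b8000000000000004000000000000000"),
    ("2.payload.example.test", "TXT", "deadbeef"),
    ("3.notes.example.test", "TXT", "hello world, this is not hex"),
]


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; packed or encrypted data sits near 8, text well below."""
    if not data:
        return 0.0
    counts = defaultdict(int)
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def sniff_magic(blob: bytes):
    """Return a label for a recognised executable header, else None."""
    if blob.startswith(b"MZ"):
        return "PE (MZ)"
    if blob.startswith(b"\x7fELF"):
        return "ELF"
    return None


def chunk_key(rrname: str):
    """Split 'N.rest' into (rest, N) when the leftmost label is an integer."""
    first, _, rest = rrname.partition(".")
    if first.isdigit() and rest:
        return rest, int(first)
    return None


def find_dns_staged_payloads(records, min_chunks: int = 2):
    """Group hex TXT chunks by base name, reassemble, and describe each group."""
    groups = defaultdict(dict)
    for rrname, rrtype, rdata in records:
        if rrtype != "TXT":
            continue
        value = rdata.strip().strip('"')
        # Require even-length hex so bytes.fromhex() cannot raise.
        if len(value) < 8 or len(value) % 2 or not HEX_RE.match(value):
            continue
        key = chunk_key(rrname)
        if key is None:
            continue
        base, idx = key
        groups[base][idx] = bytes.fromhex(value)

    findings = []
    for base, chunks in groups.items():
        if len(chunks) < min_chunks:
            continue
        indices = sorted(chunks)
        # Gaps mean the pDNS view is incomplete; flag rather than silently join.
        contiguous = indices == list(range(indices[0], indices[0] + len(indices)))
        blob = b"".join(chunks[i] for i in indices)
        findings.append({
            "base": base,
            "chunks": len(indices),
            "contiguous": contiguous,
            "size": len(blob),
            "entropy": round(shannon_entropy(blob), 2),
            "magic": sniff_magic(blob),
        })
    return findings


if __name__ == "__main__":
    for finding in find_dns_staged_payloads(SAMPLE_RECORDS):
        print(finding)
```

On the constructed input the single hex token under `verify.example.test` and the base64-looking ACME challenge are ignored; only the three numbered chunks under `payload.example.test` are joined, and the reassembled blob begins with an MZ header. Against real passive-DNS data the same heuristic needs the record set de-duplicated by first-seen time and the file-magic list extended to whatever loaders the campaign uses.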
Security researchers have uncovered a sophisticated macOS malware campaign, dubbed NimDoor, in which North Korea-linked threat actors exploit fake Zoom SDK updates to steal sensitive data from cryptocurrency and Web3 organizations.
The malware, which has been active since at least April 2025, represents a...
Security researchers at BI.ZONE Mail Security have uncovered a coordinated phishing campaign targeting Russian healthcare and IT organizations, which leverages advanced evasion tactics and a newly identified backdoor dubbed PhantomRemote.
Beginning in late June 2025, the Rainbow Hyena cluster orchestrated the distribution of malicious...
Security researchers have uncovered a sophisticated cyber espionage campaign targeting European diplomatic institutions, attributed to the DoNot APT group (also known as APT-C-35 and Mint Tempest).
The state-sponsored group, believed to be linked to India and active since 2016, has expanded...
The rapid integration of AI-driven coding agents, such as Claude Code CLI, OpenAI Codex CLI, and Cursor AI, has revolutionized developer workflows, boosting productivity through auto-completion, dependency suggestions, and automated installations.
Yet, beneath this seamless “vibe-coding” experience lurks a sophisticated supply-chain risk that is...