Socket’s Threat Research Team has outlined all the details.
The long-running Contagious Interview campaign is now hiding BeaverTail and InvisibleFerret payloads inside JSON storage ...
China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage ...
ClickFix has become hugely successful as it relies on a simple yet effective method, which is to entice a user into infecting ...
TamperedChef spreads through fake installers and SEO abuse, delivering a persistent JavaScript backdoor across multiple ...
This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction ...
The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious artifacts under GitHub’s own name.
The economics of cybercrime have shifted dramatically. What once took skilled attackers weeks to reverse engineer can now be accomplished in hours using AI-powered analysis tools and automated systems ...
With its new browser-in-the-browser capability, the tool helps threat actors fool employees into giving up credentials.
A new ClickFix variant ratchets up the psychological pressure to 100 and addresses some technical mitigations to classic ClickFix attacks.
A North Korea-linked hacking campaign hides advanced malware inside public JSON storage services during fake job tests.
Security researchers at Push Security are warning that Sneaky2FA, an advanced phishing-as-a-service (PhaaS) kit, has released ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback