Threats

SmartApeSG Campaign Delivers Multiple Remote Access Trojans

Threats March 25, 2026

A sophisticated threat campaign named SmartApeSG, also known by the aliases ZPHP and HANEYMANEY, is actively spreading multiple malware strains,…

Linux Pay2Key Ransomware Targets Servers, Virtualization Hosts, and Cloud Workloads

Threats March 25, 2026

A sophisticated new Linux ransomware, dubbed Pay2Key, is actively targeting organizational servers, virtualization hosts, and cloud workloads, posing a significant…

AI-Assisted Campaign Employs Trojanized GitHub Repositories to Target Developers and Gamers

Threats March 25, 2026

A sophisticated malware campaign, dubbed “OpenClaw Trap,” is actively targeting software developers, gamers, Roblox players, and cryptocurrency users by leveraging…

New research details rapid progression of infostealer infections to dark web exposure.

Threats March 25, 2026

A recent analysis by Whiteintel’s Intelligence Division reveals that infostealer infections can lead to dark web exposure of stolen corporate…

Malicious npm Packages Target Crypto Developers, Steal Wallet Keys

Threats March 25, 2026

A critical supply chain attack has been uncovered targeting cryptocurrency developers, with five malicious npm packages designed to exfiltrate sensitive…

Google Authenticator’s Passkey Architecture May Present New Passwordless Attack Vectors

Threats March 25, 2026

Passwordless authentication, championed as the ultimate defense against account takeovers, faces new uncertainties due to the hidden architecture of Google…

Threat actors target MS-SQL servers with ICE Cloud Scanner

Threats March 24, 2026

A persistent threat actor, identified as Larva-26002, has been continuously targeting poorly managed Microsoft SQL (MS-SQL) servers, now deploying a…

CanisterWorm malware targets Iran, deployed by TeamPCP

Threats March 24, 2026

A sophisticated cyber threat actor, identified as TeamPCP, has escalated its operations from stealthy credential theft to outright destructive attacks…

Tycoon2FA Operators Resume Cloud Account Phishing After Infrastructure Disruption

Threats March 24, 2026

Cybercriminals behind Tycoon2FA, a sophisticated phishing-as-a-service (PhaaS) platform, have rapidly resumed their attacks on cloud accounts, demonstrating remarkable resilience following…

Google Forms used in multi-stage malware campaign distributing PureHVNC.

Threats March 24, 2026

Cybercriminals have devised a new method to distribute malware, ingeniously weaponizing a widely trusted online tool: Google Forms. A recently…

Advanced Persistent Threat Actors Exploit RDP Servers for Payload Deployment and Persistence

Threats March 24, 2026

One of the world’s most dangerous state-backed hacking groups is actively targeting Remote Desktop Protocol (RDP) servers across critical infrastructure,…

Microsoft details new security measures for generative AI models on Azure AI Foundry

Threats March 24, 2026

The accelerating adoption of generative AI technologies has amplified concerns regarding software supply chain security. In response, Microsoft has detailed…

Trending

CISA adds actively exploited SolarWinds Serv-U DoS vulnerability to KEV catalog

AI Agent Discovers 21 Zero-Day Vulnerabilities in FFmpeg; Chrome Addresses 429 Bugs

Cisco Catalyst SD-WAN Manager Vulnerability Exploited, Patch Pending

Threats

SmartApeSG Campaign Delivers Multiple Remote Access Trojans

Linux Pay2Key Ransomware Targets Servers, Virtualization Hosts, and Cloud Workloads

AI-Assisted Campaign Employs Trojanized GitHub Repositories to Target Developers and Gamers

New research details rapid progression of infostealer infections to dark web exposure.

Malicious npm Packages Target Crypto Developers, Steal Wallet Keys

Google Authenticator’s Passkey Architecture May Present New Passwordless Attack Vectors

Threat actors target MS-SQL servers with ICE Cloud Scanner

CanisterWorm malware targets Iran, deployed by TeamPCP

Tycoon2FA Operators Resume Cloud Account Phishing After Infrastructure Disruption

Google Forms used in multi-stage malware campaign distributing PureHVNC.

Advanced Persistent Threat Actors Exploit RDP Servers for Payload Deployment and Persistence

Microsoft details new security measures for generative AI models on Azure AI Foundry