-
LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and TypeScript.
- March 17, 2026
- 08:09 AM
0
-
New ‘BlackSanta’ EDR killer spotted targeting HR departments
For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.
- March 10, 2026
- 06:57 PM
0
-
New report: How browser-based attacks are bypassing your security controls
Browser-based attacks, from AITM phishing and ClickFix to malicious OAuth apps and session hijacking, are driving today's biggest breaches.
A new report from Push Security breaks down the techniques attackers are using, real-world case studies, and the detection gaps leaving security teams exposed.
-
New 'Zombie ZIP' technique lets malware slip past security tools
A new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) products.
- March 10, 2026
- 04:05 PM
- 0
-
Predator spyware hooks iOS SpringBoard to hide mic, camera activity
Intellexa's Predator spyware can hide iOS recording indicators while secretly streaming camera and microphone feeds to its operators.
- February 21, 2026
- 11:13 AM
- 5
-
Ransomware gang uses ISPsystem VMs for stealthy payload delivery
Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimate virtual infrastructure management provider.
- February 05, 2026
- 03:57 PM
- 1
-
Gootloader now uses 1,000-part ZIP archives for stealthy delivery
The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection by concatenating up to 1,000 archives.
- January 15, 2026
- 05:54 PM
- 0
-
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR (endpoint detection and response) killing operations.
- December 08, 2025
- 07:00 PM
- 0
-
Crypto24 ransomware hits large orgs with custom EDR evasion tool
The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files.
- August 14, 2025
- 01:53 PM
- 1
-
New EDR killer tool used by eight different ransomware groups
A new Endpoint Detection and Response (EDR) killer that is considered to be the evolution of 'EDRKillShifter,' developed by RansomHub, has been observed in attacks by eight different ransomware gangs.
- August 07, 2025
- 01:58 PM
- 0
-
New Ghost Calls tactic abuses Zoom and Microsoft Teams for C2 operations
A new post-exploitation command-and-control (C2) evasion method called 'Ghost Calls' abuses TURN servers used by conferencing apps like Zoom and Microsoft Teams to tunnel traffic through trusted infrastructure.
- August 06, 2025
- 12:36 PM
- 0
-
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company.
- July 29, 2025
- 12:10 PM
- 0
-
Android malware Konfety uses malformed APKs to evade detection
A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection.
- July 15, 2025
- 09:10 AM
- 0
-
Hackers abuse leaked Shellter red team tool to deploy infostealers
Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software.
- July 07, 2025
- 10:49 AM
- 0
-
Godfather Android malware now uses virtualization to hijack banking apps
A new version of the Android malware "Godfather" creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps.
- June 19, 2025
- 03:54 PM
- 0
-
Grinex exchange suspected rebrand of sanctioned Garantex crypto firm
A new cryptocurrency exchange named Grinex is believed to be a rebrand of Garantex, a Russian cryptocurrency exchange whose domains were seized by the U.S. authorities and an admin arrested.
- April 29, 2025
- 04:21 PM
- 0
-
Linux 'io_uring' security blindspot allows stealthy rootkit attacks
A significant security gap in Linux runtime security caused by the 'io_uring' interface allows rootkits to operate undetected on systems while bypassing advanced Enterprise security software.
- April 24, 2025
- 08:00 AM
- 0
-
Phishing kits now vet victims in real-time before stealing credentials
Phishing actors are employing a new evasion tactic called 'Precision-Validated Phishing' that only shows fake login forms when a user enters an email address that the threat actors specifically targeted.
- April 09, 2025
- 09:49 AM
- 0
-
CISA warns of Fast Flux DNS evasion used by cybercrime gangs
CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the "Fast Flux" cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs.
- April 03, 2025
- 03:37 PM
- 0
-
Ransomware gang encrypted network from a webcam to bypass EDR
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows.
- March 06, 2025
- 03:31 PM
- 5
-
New polyglot malware hits aviation, satellite communication firms
A previously undocumented polyglot malware is being deployed in attacks against aviation, satellite communication, and critical transportation organizations in the United Arab Emirates.
- March 04, 2025
- 11:17 AM
- 0
0
