Fox-IT said ThemeForestRAT shares similarities with a malware codenamed RomeoGolf that was put to use by the Lazarus Group in ...

MystRodX backdoor, active since Jan 2024, uses encrypted payloads and DNS/ICMP triggers for stealthy C2 control.

Silver Fox exploited a Microsoft-signed WatchDog driver in May 2025 to bypass defenses, deploy ValleyRAT, and enable fraud.

The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, ...

FDN3 brute-force attacks peaked July 6–8, 2025, tied to Seychelles bulletproof hosts enabling ransomware entry.

The path forward is to govern it intelligently, rather than block it. Shadow AI discovery gives CISOs the visibility they need to protect sensitive data, meet regulatory requirements, and empower ...

ServiceNow integrates XM Cyber attack graphing, adding a fourth risk dimension to prioritize exposures and protect critical ...

Here’s this week’s cybersecurity recap in plain terms, built for leaders and practitioners who need the signal, not the noise ...

Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are ...

Over 80% of security incidents stem from browser-based apps, with Scattered Spider exploiting sessions and APIs.

ScarCruft’s Operation HanKook Phantom uses RokRAT malware in spear-phishing campaigns, targeting South Korean academics for espionage.

Passwordstate 9.9 fixes authentication bypass flaw on August 28, 2025, adding clickjacking defenses for 29,000 customers.