Chinese FishMonger APT Operated by I-SOON Attacking Government Entities & NGOs
Recent cybersecurity investigations have uncovered a sophisticated threat actor dubbed "FishMonger" operating under the umbrella of I-SOON, a Chinese company with alleged ties to state-sponsored hacking operations.
This Advanced Persistent Threat (APT) group has been...
Beware of $5 SMS Phishing Attack Targeting Toll Road Users
A widespread and ongoing SMS phishing (smishing) campaign targeting toll road users across the United States has been identified, posing a significant threat to motorists' financial security.
Since mid-October 2024, cybercriminals have been impersonating legitimate...
EvilCorp & RansomHub Working Together to Attack Organizations Worldwide
A dangerous partnership has emerged in the cybercriminal landscape, as EvilCorp, a sanctioned Russia-based cybercriminal enterprise, has begun working with RansomHub, one of the most active ransomware-as-a-service (RaaS) operations.
This collaboration, identified through shared indicators...
Shopware Security Plugin Exposes Systems to SQL Injection Attacks
A plugin designed to patch security vulnerabilities in older versions of Shopware has itself been found vulnerable to SQL injection attacks.
The flaw, discovered in Shopware Security Plugin 6 version 2.0.10, affects Shopware installations below...
Ransomware Attacks Against Food & Agriculture Industry Doubled – 84 Attacks in 3 Months
The food and agriculture sector has become a prime target for cybercriminals, with ransomware attacks more than doubling in the past quarter.
Security researchers have documented 84 significant ransomware incidents targeting agricultural businesses between February...
APT Group 123 Actively Attacking Windows Systems to Deliver Malicious Payloads
North Korean state-sponsored threat actor APT Group 123 has intensified its cyber espionage campaign, specifically targeting Windows systems across multiple sectors globally.
The group, active since at least 2012 and also tracked under aliases such...
Top Ten Passwords Used by Hackers to Attack the RDP Servers
The most common passwords hackers are using in attacks against Remote Desktop Protocol (RDP) services have been revealed, highlighting critical vulnerabilities in many organizations' security postures.
The Specops research team analyzed 15 million passwords used in live attacks...
Gabagool Leveraging Cloudflare’s R2 Storage Service To Bypass Security Filters
A sophisticated phishing campaign dubbed "Gabagool" that targets corporate and government employees has been uncovered recently by the TRAC Labs team.
This campaign exploits Cloudflare's R2 storage service to host malicious content, leveraging Cloudflare's trusted...
Hackers Weaponize KeePass Password Manager to Deliver Malware & Steal Passwords
In a concerning development for cybersecurity professionals and everyday users alike, sophisticated threat actors have begun targeting KeePass, one of the most popular open-source password managers, to distribute malware and exfiltrate sensitive credentials.
The campaign,...
Malicious PyPI Packages Mimicking ChatGPT & Claude Steal Developers' Data
Kaspersky's Global Research and Analysis Team (GReAT) has recently uncovered a sophisticated supply chain attack targeting the Python Package Index (PyPI).
The attack, which remained undetected for nearly a year, involved malicious packages masquerading as...