FortiGuard Labs recently observed several targeted phishing campaigns in Taiwan that use themes designed to exploit local business processes. These campaigns disseminate Winos 4.0 (ValleyRat) and subsequent malicious plugins through weaponized attachments or embedded links. The lures mimic official communications, such as tax audit notifications, tax filing software installers, and cloud-based e-invoice downloads.
Affected Platforms: Microsoft Windows Impacted Users: Microsoft Windows Impa |
A new security feature rolled out to select models of the latest iPhones and iPads will make it more difficult for law enforcement, spies, and malicious hackers to obtain a person’s precise location data from their phone provider. According to Apple, the new feature, when enabled, limits the precision of location data that iPhones and cellular-enabled iPads share with the customer’s cell carrier. Sharing a less precise location, such as the general neighborhood rather than a street address, wi
A new analysis by researchers at CyberArk has detailed a significant research effort revealing operational details of a StealC malware operator by exploiting a vulnerability in the malware's leaked web panel. The recent findings demonstrate how poor security practices within criminal infrastructure can be turned against threat actors. StealC is information-stealing malware operating under a Malware-as-a-Service (MaaS) model since early 2023. It enables customers to steal passwords, session co
Sentinel Labs has provided a keen look into LLMs and SOC operations. For security teams, AI promised to write secure code, identify and patch vulnerabilities, and replace monotonous security operations tasks. Its key value proposition was raising costs for adversaries while lowering them for defenders.
To evaluate whether Large Language Models (LLMs) were both sufficiently performant and reliable to be deployed in the enterprise, a wave of new benchmarks was created. In 2023, these early benc
The Trump administration is considering a range of measures against Iran in response to the regime's crackdown on anti-government protests, which has reportedly resulted in hundreds/thousands of deaths. Protests in Iran began in late December 2025, initially sparked by economic grievances including soaring prices and currency collapse. They have since evolved into widespread anti-government demonstrations challenging the Islamic Republic's theocratic system.[1]
Human rights groups, such as the
Amazon has prevented more than 1,800 suspected North Korean operatives from securing employment since April 2024, as the Pyongyang regime continues efforts to place IT workers in remote roles at Western companies to generate revenue for the regime. Amazon's Senior Vice President and Chief Security Officer, Stephen Schmidt, revealed the figures in a LinkedIn post, noting a 27% quarter-on-quarter increase in the number of detected DPRK-affiliated applications this year. The aim, he said, is for o
While analyzing one of the affiliate programs, Doctor Web’s researchers discovered a unique piece of malware with clicker functionality and called it a Trojan.ChimeraWire. This malware targets computers running Microsoft Windows and is based on the open-source projects zlsgo and Rod for automated website and web application management.
Trojan.ChimeraWire allows cybercriminals to simulate user actions and boost a website's behavioral ranking by artificially increasing its search engine rankings.
The slow-motion Russian invasion of Ukraine has highlighted persistent vulnerabilities in Western military readiness, specifically concerning munitions stockpiles, supply chain resilience, and procurement agility. As the conflict continues, nations are adjusting their force posture and defense planning. These changes aim not only to support Ukraine but also to prepare for the realities of prolonged, multi-domain warfare.
While quantum computing and automation are shaping the following stages o
The Hoxhunt 2025 Cyber Threat Intelligence Report delivers a sobering message for security professionals: the most dangerous threats are no longer the most obvious ones. As 2026 approaches, enterprises are no longer fighting clumsy, error-riddled bulk spam; they are facing a quiet revolution where sophisticated, convincing attacks blend seamlessly into daily workflows, fueled by AI and advanced token-theft toolkits.
See: https://hoxhunt.com/guide/threat-intelligence-report
The report, based on
What is a “honeypot” in the context of cybersecurity? The term first appeared in the 1980s and 1990s, when it was used to describe precisely that, a honey trap that lured in unsuspecting hackers, putting them on the back foot. Clifford Stoll’s 1989 book The Cuckoo’s Egg is the first official documentation of a honeypot in the cyber world. Stoll tells the story of using what he called a “honeypot” to find a German hacker who had infiltrated U.S. military computers. Now the term is used in cybe
New AI-powered web browsers, such as OpenAI’s ChatGPT Atlas and Perplexity’s Comet, are attempting to unseat Google Chrome as the primary gateway to the Internet for billions of users. A key selling point of these products is their web browsing AI agents, which promise to complete tasks on a user’s behalf by navigating websites and filling out forms. However, consumers may not be aware of the significant risks to user privacy associated with agentic browsing, a problem that the entire tech ind
For decades, online security has relied on cryptographic systems that are robust against classical computers. But quantum computing changes the game. It threatens to undermine the mathematical foundations of widely used encryption methods, exposing sensitive data captured today to future decryption and exploitation. This looming threat has catalyzed a global effort to build quantum-safe cryptography, and a recent survey by Chhetri et al. offers a sweeping and useful view of how post-quantum c
A transnational operation involving 14 African countries has dismantled a large-scale digital scamming network, resulting in 260 arrests and the seizure of 1,235 electronic devices. The Interpol-led effort, named Operation Contender 3.0, marks the third wave of arrests against fraudsters and romance scammers in Africa following operations in 2021 and 2024. This third crackdown was conducted between July 28 and August 11, 2025. It focused on romance scams, where perpetrators build online relat
Attacker Breakout Time refers to the time it takes for an intruder to begin moving laterally outside of the initial beachhead to other systems in the network. Threat actors are accelerating their attacks and adopting innovative new ways to circumvent endpoint detection mechanisms, according to a new report from ReliaQuest. The threat intelligence vendor claimed in its latest Threat Spotlight report for the period June–August 2025 that the average breakout time dropped to only 18 minutes. One
A suspected cyber-attack targeting a third-party software supplier has caused major flight cancellations and delays at several European airports over the weekend. London’s Heathrow Airport and terminals in Brussels, Berlin, and Dublin are among those that continue to be impacted by the incident. A US aerospace and defense leader, RTX, told the BBC that its Muse software was targeted by threat actors. The software helps airlines to digitally check in passengers, validate boarding passes, and t
The US Secret Service on 23 September reported it has foiled what appears to be a sophisticated plot for cyber-espionage and disruption of mobile networks in New York at a time when more than 100 heads of state and governments and foreign ministers are in the city for the UN General Assembly’s leaders’ session.
In a statement, the Secret Service said that the agency recovered more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites in New York tristate area. The agency s
Ransomware attacks may have decreased recently, but that does not mean the risk has gone. It remains one of the most disruptive cyber threats facing organizations. Headlines sometimes create a false sense of relief. Ransomware attacks are down by 15%, according to Verizon's latest DBIR report, but those of us working in cybersecurity know this doesn’t give the whole picture. The most important issue isn’t how often an attack occurs; it is what happens to the organization when it does.
The f
US lawmakers have accused the Chinese government of being behind a cyber espionage campaign that impersonated a prominent Congressman. The House Select Committee on Strategic Competition between the US and the Chinese Communist Party (CCP) said that CCP-affiliated actors impersonated its Chairman, Representative John Moolenaar (R-MI), in emails to “trusted counterparts” to try and trick them into malicious files and links.[1]
These files and links were designed to grant attackers access to vict
A new sneaky type of malware, known as Raven Stealer, has been identified by the Lat61 Threat Intelligence Team at Point Wild. The research team, led by Onkar R. Sonawane, has found that this seemingly simple program is surprisingly adept at remaining undetected while stealing your personal information. The research, shared with Hackread.com, reveals that the malware is primarily spread through underground forums and often bundled with pirated software.
Built using the programming languages De
In a recent warning to global organizations, cybersecurity firm Netscout has unveiled its latest DDoS Threat Intelligence Report for the first half of 2025, highlighting an unrelenting barrage of Distributed Denial-of-Service (DDoS) attacks that are increasingly sophisticated, geopolitically motivated, and amplified by artificial intelligence. Netscout's report, titled "Digital Aftershocks: Collateral Damage from DDoS Attacks," documents over 8 million attacks worldwide, with more than 3.2 mill
