Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been…
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
Dec 15, 2025Ravie LakshmananRansomware / Cybercrime The pro-Russian hacktivist group known as…
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies…
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted…
New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime…
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems
Dec 11, 2025Ravie LakshmananCyber Espionage / Windows Security Cybersecurity researchers have disclosed…
React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors
React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity…
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
Threat actors with ties to North Korea have likely become the latest…
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
Dec 09, 2025Ravie LakshmananCybersecurity / Malware Four distinct threat activity clusters have…