In a new report published by fraud prevention firm Cleafy, researchers have discovered a new Android-based malware, named SuperCard X, that is capable of fraudulently authorizing Point-of-Sale (POS) payments and Automated Teller Machine (ATM) withdrawals by intercepting and relaying Near Field Commu
In a new report by Morphisec, security researchers discovered a new malware threat targeting healthcare organizations. The threat is named ResolverRAT by Morphisec researchers due to its heavy reliance on runtime resolution mechanisms and dynamic resource handling, which makes the remote access troj
A new report published by Outpost24 and written by Kraken Labs unveils the double life lived by up-and-coming threat actor EncryptHub, who has been linked to the breaching of 618 organizations to deploy ransomware and info stealers. The part-time threat actor is believed to have also reported two vu
Android users have long been the target of sophisticated banking trojan malware families. Some of the most prevalent threats, which have seen constant development and evolution, are Anatsa, Hook, and Octo. In a recent report by Threat Fabric, a new malware strain, Crocodilus, can be added to that li
Security firm Cyfirma has recently discovered a new ransomware-as-a-service (RaaS) called VanHelsing. Once a name given to mythical slayers of Vampires, VanHelsing is now attached to a criminal enterprise designed to siphon a business' lifeblood in return for decrypting data, which the threat actors
In a blog post published by Kaspersky Labs, security researchers revealed the discovery of a new information-stealing malware called Arcane Stealer by the cybersecurity firm. The malware is distributed fairly novel, in that it is distributed via YouTube and videos that provide users with computer ga
In a recent attack by Akira ransomware threat actors, attempts to encrypt data were initially stopped; however, an unpatched webcam proved to be the entry point threat actors were looking for and managed to bypass Endpoint Detection and Response Software installed on the enterprise machines. T
On February 21, 2025, Bybit reported that it had suffered a massive cryptocurrency theft, estimated at 1.46 billion USD using that day's exchange rate. Ethereum (ETH) was stolen from one of its ETH cold wallets, which stores cryptocurrency private keys offline. In practice, private keys are transfe
An unknown leaker, going by the alias ExploitedWhispers, has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. Now removed, the stolen messages were originally uploaded to the MEGA file-sharing platform. Since their removal fro
According to a recent report by Sysdig, threat actors employing a new hacking technique known as LLMJacking are actively targeting DeepSeek's latest Large Language Model (LLM) and those using the model for their specific GenAI needs. LLMJacking was first discovered by Sysdig researchers in mid