Iranian threat actors have increasingly adopted ransomware-like tactics. These are not purely criminal enterprises, but instruments of statecraft. Over the past several years, and especially amid escalating geopolitical tensions, these actors have refined a hybrid model, which blends cybercrime tech
Cyber and kinetic warfare have merged into a new phase. Internet-connected devices, especially IP cameras, are now both intelligence assets and strategic risks. Recent events in the 2026 Middle East conflict show how compromised surveillance, coordinated cyberattacks, and DDoS campaigns are changing
A supply chain attack campaign attributed to the TeamPCP threat group marks one of the most consequential and fast-moving compromises of modern software development infrastructure. The attackers targeted trusted developer tools and open-source ecosystems. This campaign showed how a single foot
The emergence of VoidStealer marks a significant evolution in the infostealer malware landscape. It demonstrates how quickly threat actors adapt to defensive innovations. By using a novel debugger-based technique to bypass Google Chrome's Application-Bound Encryption (ABE), VoidStealer highlights th
A newly uncovered iOS exploitation framework called DarkSword is reshaping the mobile threat landscape. It signals a shift from targeted espionage tools to scalable, multipurpose attack infrastructure. Joint research from Google Threat Intelligence Group (GTIG) and Lookout shows how advanced exploit
A financially motivated threat actor is leveraging deceptive websites and weaponized software installers to steal corporate VPN credentials, underscoring the rising sophistication of social-engineering-based cyber intrusions. Security researchers recently uncovered a campaign in which attackers dis
Cybercriminals continue to refine mobile malware campaigns by blending social engineering, financial fraud, and covert resource exploitation into a single attack chain. A newly identified Android malware strain, BeatBanker, demonstrates this evolution by combining banking Trojan capabilities, crypto
Cybercriminals are increasingly exploiting the popularity of AI development tools to distribute malware through sophisticated social engineering campaigns. Security researchers recently uncovered a new attack technique, InstallFix, that leverages fake installation guides for popular command-line too
A coordinated international law enforcement effort has delivered a significant blow to the cybercrime ecosystem. Authorities from the United States, Europe, and multiple partner nations recently dismantled the major hacker forum LeakBase. They also disrupted Tycoon2FA, one of the world's largest phi
APT37 is again making headlines, where previously the North Korean-linked state-sponsored group was linked with deploying data wipers; now they're breaching air-gapped networks. Also tracked under aliases such as ScarCruft, Reaper, Red Eyes, and Ricochet Chollima, this actor has long been associated