The operators behind the SHub macOS infostealer have introduced a more sophisticated variant called "Reaper." This shows how macOS-focused malware keeps evolving, moving beyond basic credential theft into persistent, multi-stage compromise operations. The latest campaign blends social engineering,
The npm ecosystem is facing one of its most aggressive and technically sophisticated supply chain attacks to date. Over the past several months, security researchers have uncovered a sprawling malware campaign known as Shai-Hulud and its newer variant, Mini Shai-Hulud, which compromised hundreds of
The rapid rise of open-source repositories of artificial intelligence has transformed platforms like Hugging Face into critical infrastructure for developers, researchers, and enterprises. Millions of users rely on these repositories to download models, datasets, and applications that accelerate AI
The lines between cybercrime and state-sponsored espionage continue to blur. Iranian threat actors now adopt ransomware tradecraft to conceal intelligence-gathering operations. Recent investigations into attacks by the Iranian-linked MuddyWater group show a sophisticated evolution in tactics. Here,
The global cybercrime landscape in 2026 shows a sharp convergence of state-sponsored hacking, transnational fraud networks, and highly industrialized scam operations. Cryptocurrency remains at the center, offering both high-value targets and efficient laundering methods. Recent reports from TRM Labs
The emergence of Bluekit, as recorded by security researchers at Varonis, marks a significant evolution in the phishing-as-a-service (PhaaS) ecosystem. It shows how cybercrime continues to industrialize through automation, centralization, and the integration of artificial intelligence. Recent resea
Cybercriminals keep showing that the easiest way into an enterprise is often through trust, not software vulnerabilities. Google's Mandiant Team discovered a new threat actor, UNC6692, that proves this point. This group weaponizes Microsoft Teams, abuses helpdesk impersonation, and deploys a custom
Ransomware operators adopt whatever creates the most pressure on victims. This may mean faster encryption, stronger extortion tactics, or deeper attacks on virtual infrastructure. In 2026, the Kyber ransomware group added a new layer of psychological and technical pressure by claiming to use post-qu
Ransomware operators continue to refine their playbooks. The latest evolution of the Gentlemen ransomware shows how fast these groups adapt to scale and stay stealthy. It began as a relatively new ransomware-as-a-service (RaaS) operation in mid-2025. It has already matured into a more dangerous ente
The emergence of AI-driven cybercrime platforms has fundamentally reshaped the threat landscape. Few developments illustrate this shift more clearly than the ATHR platform and its enablement of Telephone-Oriented Attack Delivery (TOAD) attacks. By combining traditional social engineering with advanc