APT36, also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major, is a Pakistan-linked cyber-espionage group that has spent more than a decade targeting Indian government, military, and diplomatic institutions. In August 2025, cybersecurity researchers from two security
Since at least 2021, a powerful Mirai-based threat known as Rapper Bot, also known as Eleven Eleven or CowBot, has quietly targeted millions of internet-connected devices worldwide. Recently, a coordinated law enforcement action dismantled the operation and brought charges against its alleged admini
Security researchers at Trend Micro recently uncovered a sophisticated ransomware operation deploying a variant tracked as Crypto24. The group executes highly coordinated, multi-stage attacks that blend legitimate system administration tools with custom malware to evade detection systems and comprom
According to a new report published by ESET, WinRAR, a popular file-archiving utility, recently revealed a serious zero-day vulnerability that allowed attackers to infect computers with malware through seemingly harmless archives. Security researchers uncovered the active exploitation of this flaw b
In mid‑2025, cybersecurity teams observed two sophisticated campaigns delivering Akira ransomware through distinctly different techniques. One involved misused Windows drivers following SonicWall VPN compromises; the other leveraged poisoned search results, leading to malware-laden IT tools being dr
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Sandia National Laboratories released Thorium as an open‑source forensic analysis platform on July 31, 2025. The platform supports government, critical infrastructure, and private‑sector teams. According to officials, Thorium auto
Cisco Talos Incident Response recently uncovered a ransomware-as-a-service (RaaS) operation called "Chaos." This group specializes in attacking large organizations, stealing data, and demanding a ransom. It often threatens to leak victim data if the ransom goes unpaid, otherwise known as the double
On July 19, 2025, Microsoft's Security Response Center warned that multiple nation-state threat actors are actively exploiting two serious vulnerabilities in on-premises SharePoint servers. These flaws, namely CVE-2025-49706, a spoofing vulnerability, and CVE-2025-49704, a remote code execution issu
The United Kingdom's National Cyber Security Centre (NCSC) has uncovered a highly targeted and stealthy malware strain, dubbed Authentic Antics, that infiltrates Microsoft Outlook on Windows to trick victims into surrendering their Office login credentials and freshly minted OAuth 2.0 token. A
Cybersecurity experts at Morphisec report that Matanbuchus, launched as malware-as-a-service (MaaS) in 2021, has returned with an upgraded and powerful new version, Matanbuchus 3.0. The malware lets attackers rent a powerful loader that can install additional malicious tools on Windows computers, ac