QEMU abused to evade detection and enable ransomware delivery
Sophos analysts are investigating the active abuse of QEMU, an “open-source machine emulator and virtualizer,” by threat actors seeking to...
Abuse
Top Cloud Privileged Access Management Best Practices to Prevent Privilege Abuse
Privileged access abuse is behind most major cloud breaches. And it’s not always a sophisticated attacker – sometimes it’s...
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware Pierluigi Paganini March 24, 2026 North Korea-linked threat...
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor Pierluigi Paganini February 09, 2026 Huntress confirmed active...
Paris raid on X focuses on child abuse material allegations
Paris raid on X focuses on child abuse material allegations Pierluigi Paganini February 04, 2026 French prosecutors raided X offices...
