LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing
Jan 16, 2026Ravie LakshmananMalware / Cyber Espionage Security experts have disclosed details of a new campaign that has targeted U.S....
campaign
TamperedChef serves bad ads with infostealers as the main course
The TamperedChef malvertising campaign appeared to evolve from early experimentation to widespread credential theft, before detection by defenders:August 2024 —...
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware
Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary...
New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack
Jan 13, 2026Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs...
WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging
Jan 08, 2026Ravie LakshmananMalware / Financial Crime Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as...
Malware Campaign Abuses Booking.com Against Hospitality Sector
An evolving multi-stage campaign likely run by Russian threat actors that uses a fake Booking.com reservation cancellation message for...
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails Pierluigi Paganini January 02, 2026 Researchers uncovered a phishing...
Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor
Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor Pierluigi Paganini December 29, 2025 China-linked APT Evasive Panda...
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector...
CLOP targets Gladinet CentreStack servers in large-scale extortion campaign
CLOP targets Gladinet CentreStack servers in large-scale extortion campaign Pierluigi Paganini December 19, 2025 The Clop ransomware group is targeting...
TruffleNet and Cloud Abuse at Scale: An Identity Architecture Failure
The recent TruffleNet campaign, first documented by Fortinet, highlights a familiar and uncomfortable truth for security leaders: some of...
GhostPairing campaign abuses WhatsApp device linking to hijack accounts
GhostPairing campaign abuses WhatsApp device linking to hijack accounts Pierluigi Paganini December 18, 2025 Attackers abuse WhatsApp’s device-linking feature to...
GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads
Dec 17, 2025Ravie LakshmananAd Fraud / Browser Security A new campaign named GhostPoster has leveraged logo files associated with 17...
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using...
A Browser Extension Risk Guide After the ShadyPanda Campaign
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions...
