FriendlyDealer mimics official app stores to push unvetted gambling apps
We’ve identified a huge social-engineering campaign designed to steer people into online gambling sites under the impression they’re installing...
identified
That “job brief” on Google Forms could infect your device
We’ve identified a campaign using business-related lures, such as job interviews, project briefs, and financial document, to distribute malware,...
Sonatype Discovers Two Malicious npm Packages
Sonatype Security Research has identified a potential compromise of a trusted npm maintainer account that has now published two...
Android devices ship with firmware-level malware
In late February 2026, SophosLabs analysts identified multiple detections on Android devices for malicious activity associated with the Keenadu backdoor....
Technical Analysis of SnappyClient
IntroductionIn December 2025, Zscaler ThreatLabz identified a new command-and-control (C2) framework implant that we track as SnappyClient, which was delivered...
Hijacked npm Packages Deliver Malware via Solana, Linked to Glassworm
Sonatype Security Research has identified two hijacked npm packages in the React Native ecosystem that receive more than 30,000...
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
Google said it identified a "new and powerful" exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS...
N8N: Shared Credentials and Account Takeover
Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s...
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Ravie LakshmananFeb 24, 2026Artificial Intelligence / Anthropic Anthropic on Monday said it identified "industrial-scale campaigns" mounted by three artificial intelligence...
TA584 threat actor leverages Tsundere Bot and XWorm for network access
A prolific initial access broker, identified as TA584, has been observed employing the Tsundere Bot in conjunction with the XWorm...
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
Ravie LakshmananJan 31, 2026Social Engineering / SaaS Security Google-owned Mandiant on Friday said it identified an "expansion in threat activity"...
