Author Info

A newly discovered Android malware-as-a-service (MaaS) platform, SuperCard X, is facilitating near-field communication (NFC) relay attacks. This development allows cybercriminals to execute fraudulent transactions at ATMs and point-of-sale (PoS) terminals. Targeted Campaigns in Italy The ongoing campaign primarily targets customers of banking institutions and card issuers in Italy. The goal

A newly identified malware, ResolverRAT, has emerged as a significant threat to the healthcare and pharmaceutical sectors. Discovered by Morphisec researchers, this malware employs advanced techniques to evade detection and execute its malicious activities. The latest attacks were observed around March 10, 2025, highlighting the urgent need for enhanced cybersecurity

Fog ransomware operators have recently adopted a new tactic, using DOGE-themed ransom notes to mock their victims. In a twist, they offer a free decryption key if victims spread the malware to others, adding a social engineering layer to their attacks. Phishing Campaigns and Initial Access Unlike previous campaigns that

A recent discovery has revealed that 57 Chrome extensions, collectively installed by 6 million users, possess potentially dangerous capabilities. These extensions can monitor browsing behavior, access cookies from various domains, and execute remote scripts, posing significant privacy and security threats. Uncovering the Hidden Extensions The extensions in question are not

In a significant move, Congress is witnessing bipartisan support to extend a crucial cybersecurity law that facilitates information sharing between private entities and the government. A new legislative proposal introduced on Wednesday aims to renew the Cybersecurity Information Sharing Act (CISA) for another decade, ahead of its expiration in September.

Healthcare and pharmaceutical sectors are currently under siege from a sophisticated malware campaign deploying ResolverRAT, a newly identified remote access trojan. This malware is disseminated through phishing emails that masquerade as urgent legal notices, such as copyright infringement alerts, to manipulate recipients into action. Phishing Tactics and Malware Delivery The

A severe vulnerability identified in the Erlang/OTP SSH, designated as CVE-2025-32433, poses a significant risk by enabling unauthenticated remote code execution on susceptible systems. This flaw demands urgent attention and patching to prevent potential exploitation. Understanding the Vulnerability The vulnerability, discovered by researchers at Ruhr University Bochum, has been

The China-linked Advanced Persistent Threat (APT) group known as Mustang Panda has recently upgraded its toolkit, deploying a new custom backdoor named MQsTTang. This development comes as the group intensifies its cyberattacks across Europe, Asia, and Australia. Mustang Panda, also referred to as Camaro Dragon, RedDelta, or Bronze President, has

Recent studies reveal that automated traffic now constitutes the majority of web activity, with a significant rise in bot-driven interactions. The 2025 "Bad Bot Report" by Thales and Imperva highlights that bots are responsible for 37% of all internet traffic, marking a 5% increase from the previous year.