More results...
ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the spyware through fake websites and social engineering. Researchers identified two previously u…
ESET Research has discovered evidence of collaboration between the Gamaredon and Turla threat groups. Both groups are linked to Russia’s primary intelligence agency, the FSB, and were found working in tandem to target high-profile organizations in Ukra…
ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of compromising UEFI-based systems and weaponizing CVE-2024-7344 to bypass UEFI Se…
ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65 Windows servers, mostly in Brazil, Thailand, Vietnam, and the United States. Countries where GhostRedirector victims were detected (…
Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operat…
ESET has identified PromptLock, the first AI-powered ransomware, using OpenAI models to generate scripts that target Windows, Linux…
Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installati…
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using …
Critical WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware, update to version 7.13 now to…
Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages.
The post Firebase, Google Apps Script Abused in Fresh Phishing Campaigns appeared first on SecurityWeek.