Armored Likho Hits Government, Energy Sectors With BusySnake Stealer
Kaspersky details how the newly named Armored Likho APT uses BusySnake Stealer, AI-generated loaders, and phishing to target government and energy organizations.
Kaspersky details how the newly named Armored Likho APT uses BusySnake Stealer, AI-generated loaders, and phishing to target government and energy organizations.
RedWing: The Android Banking Trojan You Can Rent on Telegram for Less Than a Coffee Subscription Zimperium’s zLabs team has uncovered RedWing, an Android spyware operation sold as a subscription service through Telegram, with links to Russian threat actors and apparent roots in the Oblivion malware family. It comes with documentation, tutorial videos, a referral […]
Armored Likho APT uses AI-generated malware, phishing, and BusySnake Stealer to target governments and power grids in Russia, Kazakhstan, and Brazil. Kaspersky’s threat research team has documented a previously unknown APT group they’re calling Armored Likho, also tracked under the name Eagle Werewolf. The group runs two parallel tracks: financially motivated attacks against private individuals […]
Malwarebytes links fake Google and Cloudflare verification pages to shared ClickFix infrastructure delivering StealC, NetSupport and other malware.
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. Government Agency Paid $1M to Data Extortion Group Kairos FBI: TeamPCP Compromised Dev Tools to […]
FBI says TeamPCP poisoned trusted developer tools to steal cloud credentials, spread malware through software updates, and extort victims. On July 2, 2026, the FBI published a FLASH alert identifying the criminal group called TeamPCP and detailing how it compromised widely used developer and security tools to steal credentials from victim environments at scale. The […]
A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The Citizen Lab published a report documenting one of the more darkly ironic findings in recent surveillance research: former Member of the European Parliament Stelios Kouloglou was repeatedly infected with NSO Group‘s Pegasus spyware while serving on the […]
FBI and Google disrupt NetNut after domains linked to its residential proxy network are seized, exposing abuse of 2 million TVs and streaming devices worldwide.
The newly spotted PamStealer is spreading through a fake Maccy clipboard app and steal Mac passwords, browser data and clipboard content.
A newly disclosed forensic investigation has revealed that Pegasus spyware was used to hack a sitting Member of the European Parliament (MEP) who was actively investigating spyware abuses across the European Union. This raises serious concerns about su…