Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. These safeguards, rolled out in May 2022, were designed to prevent malicious applications from abusing accessibility s…
IBM X-Force has uncovered a series of targeted email campaigns orchestrated by Hive0131, a financially motivated threat group likely originating from South America. Observed in early May 2025, these campaigns specifically target users in Colombia, masq…
A coordinated operation by Europol, the FBI, Microsoft, and other public and private sector partners targeted the Lumma infostealer, a prolific malware distributed via a malware-as-a-service (MaaS) model. Known for stealing credentials and being a tool…
Industrial giant Honeywell has published its 2025 Cybersecurity Threat Report with information on the latest trends.
The post Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift appeared first on SecurityWeek.
Cybersecurity experts from Positive Technologies’ Security Expert Center have uncovered a sophisticated malicious campaign dubbed “Phantom Enigma,” primarily targeting Brazilian residents while also affecting organizations worldwide. This c…
The Mobile Threat Intelligence (MTI) team identified a formidable new player in the mobile malware landscape: Crocodilus, an Android banking Trojan designed for device takeover. Initially observed in test campaigns with limited live instances, this mal…
Shift in cyberattack focus puts APAC region under growing pressure.
Threat actors have been found exploiting the ubiquitous “Prove You Are Human” verification systems to distribute malicious software. Specifically, this campaign leverages spoofed websites mimicking legitimate platforms like Gitcodes and Doc…
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America. […]
Threat actors have increasingly turned their attention to exploiting misconfigurations in DevOps-managed web servers to deploy malicious payloads. Recent investigations into web server vulnerabilities reveal a sophisticated pattern of attacks targeting…