Turla malware was deployed in February on select systems that Gamaredon had compromised in January.
The post Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions appeared first on SecurityWeek.
Hackers chained two Ivanti EPMM vulnerabilities to collect system information, dump credentials, and execute malware.
The post CISA Analyzes Malware From Ivanti EPMM Intrusions appeared first on SecurityWeek.
Kaspersky industrial threat report contains statistics on various malicious objects detected and blocked on ICS computers by Kaspersky solutions in Q2 2025.
Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of the story. Hidden malware variants are quietly slipping past defenses, leavin…
Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of the story. Hidden malware variants are quietly slipping past defenses, leavin…
Infoblox links Vane Viper to PropellerAds, exposing a global malvertising network posing as adtech while spreading malware and running online scams.
New research reveals Raven Stealer malware that targets browsers like Chrome and Edge to steal personal data. Learn how this threat uses simple tricks like process hollowing to evade antiviruses and why it’s a growing risk for everyday users.
ReversingLabs discovers “Shai-hulud,” a self-replicating computer worm on the npm open-source registry. Learn how the malware steals developer…
Attackers are finding new ways to blend in with everyday business tools, hiding their activity inside formats and processes that workers and IT teams often trust. The latest quarterly Threat Insights Report from HP Wolf Security shows how attackers con…
Researchers uncovered a new supply chain attack targeting the npm registry that impacted over 40 packages belonging to multiple maintainers. Security researchers at Socket uncovered a malicious update to @ctrl/tinycolor, a package with 2.2M weekly downloads on npm. While investigating the case, they discovered it was linked to a larger supply chain attack that compromised […]