Attackers upgrade ClickFix with tricks used by online stores
Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware …
Google uncovers malware using LLMs to operate and evade detection
PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated …
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band …
Researchers expose large-scale YouTube malware distribution network
Check Point researchers have uncovered, mapped and helped set back a stealthy, large-scale malware distribution operation on YouTube they dubbed the “YouTube Ghost …
How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector
ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activity targeted several …
Official Xubuntu website compromised to serve malware
The official website for Xubuntu, a community-maintained “flavour” of Ubuntu that ships with the Xfce desktop environment, has been compromised to serve Windows …
Attackers don’t linger, they strike and move on
Cyber attacks are happening faster than ever. Intrusions that once took weeks or months now unfold in minutes, leaving little time to react. Attackers move quickly once they …
ProSpy and ToSpy: New spyware families impersonating secure messaging apps
ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the spyware through …
Ransomware groups are multiplying, raising the stakes for defenders
Ransomware activity is climbing again, with a steep increase in the number of victims and the number of groups launching attacks. A new mid-year report from Searchlight Cyber …
Malicious GitHub pages lure MacOS users into installing Atomic infostealer
MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic …
The unseen side of malware and how to find it
Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of …
Old file types, new tricks: Attackers turn everyday files into weapons
Attackers are finding new ways to blend in with everyday business tools, hiding their activity inside formats and processes that workers and IT teams often trust. The latest …
Featured news
Resources
Don't miss
- Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
- 18 arrested in €300 million global credit card fraud scheme
- PortGPT: How researchers taught an AI to backport security patches automatically
- AI can flag the risk, but only humans can close the loop
- VulnRisk: Open-source vulnerability risk assessment platform