Rokarolla Android trojan targets banking and crypto users, enables device takeover
A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to …
The behavioral signals that sharpen Trojan malware detection
Malware analysts spend a lot of time deciding which signals from a sandbox run are worth keeping. A sample executed in a controlled environment can generate hundreds of …
GitHub-hosted malware campaign uses split payload to evade detection
A large-scale malware delivery campaign has been targeting developers, gamers, and general users through fake tools hosted on GitHub, Netskope researchers have warned. These …
How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector
ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activity targeted several …
AsyncRAT evolves as ESET tracks its most popular malware forks
AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, …
Trojanized SonicWall NetExtender app exfiltrates VPN credentials
Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a …
FBI: Free file converter sites and tools deliver malware
Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned …
Windows users targeted with fake human verification pages delivering malware
For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed …
New SOHO router malware aims for cloud accounts, internal company resources
Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, …
iOS users beware: GoldPickaxe trojan steals your facial data
Group-IB uncovered a new iOS trojan designed to steal users’ facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe.iOS by Group-IB’s …
The rise and evolution of supply chain attacks
A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, …
Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure
North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure …
Featured news
Resources
Don't miss
- Securing digital keys when your phone unlocks the car
- How security teams are getting credential visibility into developer endpoints
- What happens to oversight when AI agents write a lab’s own code
- Low-skilled attacker used Claude, Codex to breach 14 companies
- Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)