PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks
A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.
Read More
Who Needs Macros? | Threat Actors Pivot to Abusing Explorer and Other LOLBins via Windows Shortcuts
Crimeware vendors say 'macros are dead', but they have a new weapon to help threat actors successfully deploy malware.
Read More
LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques
The self-proclaimed 'oldest ransomware affiliate on the planet' has new tricks and new features and continues to beat enterprise defenses.
Read More
Inside Malicious Windows Apps for Malware Deployment
Learn how threat actors manipulate Windows to install malicious apps that are trusted by the system, and how to defend against them.
Read More
Targets of Interest | Russian Organizations Increasingly Under Attack By Chinese APTs
Chinese-linked phishing campaign seeks to compromise Russian targets with custom malware designed for espionage.
Read More
Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
Targeting organizations in SE Asia and Australia, Aoqin Dragon uses pornographic-themed lures and custom backdoors to conduct espionage operations.
Read More
Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
A new typosquatting attack against the PyPI repository targets enterprise Macs with a distinctive obfuscation method.
Read More
CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.
Read More
Putting Things in Context | Timelining Threat Campaigns
Visualizing data is integral to threat research. See how we used this timeline analysis tool to track activity in the Ukrainian cyber conflict.
Read More
Vulnerabilities in Avast And AVG Put Millions At Risk
Two high-severity flaws in popular end user security tools allow attackers to elevate privileges and compromise devices.
Read More