Malware
CVE-2025-8088 WinRAR and the threat of hidden ADS
In recent months a sad but certain rule of the world of cybersecurity has been reestablished: a single well-used vulnerability can open many doors. The failure known as CVE-2025-8…
Category of intelligence
Malware
News about viruses, Ransomware, Trojans and other malicious software
Malware
Nike and World Leaks in the eye of cyberextortion: between a mass leak and possible negotiation
The sports multinational Nike has reported that she is investigating what she calls a " possible cybersecurity incident"after the extortion group known as World Leaks published on…
Malware
Reinvented ClickFix: False CAPTCHA, signed App-V and execution in memory of the Amatera stealer
Cybersecurity researchers have brought to light a chain of attack that combines an old acquaintance of web deception - ClickFix-type false CAPTCHAs - with a less expected maneuver…
Malware
PeckBirdy the JScript frame that operates on browsers and opens doors without a trace
Security researchers have identified a command and control framework based on JScript which is being exploited by actors aligned with China since 2023. The central part of this ca…
Malware
Stanley the subscription malware that deceives with extensions in the Chrome Web Store
A new subscription malware service has alerted researchers and security officials: under the commercial name of "Stanley," who offers it promises malicious extensions for browsers…
Malware
False CAPTCHA, signed binaries and steganography: the chain of attack that operates in memory to steal data
In recent months, a chain of infection has emerged that combines classical social engineering with increasingly refined techniques to pass unnoticed. The researchers BlackPoint Cy…
Malware
The IA changed the cybersecurity game: why EDR and NDR should work together
If there is something that is never lacking in cybersecurity is the continuous change: the attackers keep looking for new ways of mocking defenses. In recent years we have seen ho…
Malware
Critical alert CVE-2024-37079 in already exploited VMware vCenter; mandatory patch for federal agencies
The U.S. Government's cyber security agency turned the alarms on again: the Cybersecurity and Infrastructure Security Agency (CISA) has marked as actively exploited critical vulne…
Malware
Kanni and the IA raise the phishing speed for blockchain developers
A group linked to North Korea has raised the bet: researchers have detected speed-phishing campaigns aimed at developers and engineering teams of the blockchain ecosystem, in whic…