CyberSpecta Logo
Critical Supply Chain Attack Hits Ethereum Development Platform Hardhat

In a concerning turn for the Ethereum developer community, a sophisticated supply chain attack has compromised the Hardhat development environment, maintained by the Nomic Foundation. This breach, explained by Socket, leverages malicious npm packages; it has exposed sensitive data, including private keys and mnemonics, and highlighted critical vulnerabilities in the open-source ecosystem. The Attack in Detail [...]

APT41 Targets Shipping, Logistics Across Europe and Asia

APT41, a China-based cyber threat group, has been linked to an extensive campaign targeting multiple sectors worldwide. This campaign has particularly affected global shipping and logistics organizations, media and entertainment, technology, and automotive sectors across Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. The group’s activities, blending state-sponsored espionage with financially motivated operations, showcase its [...]

Starkcat and HotPage Malware Target Critical Infrastructure and Browser Traffic

The cybersecurity landscape is ever-evolving, with new threats emerging regularly. Two recent discoveries, the Starkcat and HotPage malware, have drawn significant attention due to their sophisticated methodologies and potential impacts. Origin and Discovery Starkcat, identified by cybersecurity researchers at ESET as a significant new threat, originated from an unknown but highly capable group. This malware [...]

ObjCShellz: BlueNoroff's Latest macOS Weapon

In the ever-evolving landscape of cyber threats, the North Korea-linked nation-state group BlueNoroff has once again made headlines. Jamf Threat Labs recently uncovered a previously undocumented macOS malware strain dubbed ObjCShellz. This malware is attributed to BlueNoroff and is a critical component of the ongoing RustBucket malware campaign, which has been under scrutiny since earlier [...]

StripedFly: Malware That Evaded Detection for Over Five Years

In the vast landscape of cybersecurity threats, the discovery of StripedFly malware has sent shockwaves through the industry. Initially dismissed as just another cryptocurrency miner, this malware has proven to be a sophisticated and multi-faceted threat, employing an intricate modular framework that operates seamlessly on both Linux and Windows platforms. Behind its cryptocurrency mining facade [...]

Kinsing's Cloud Onslaught: Exploiting Recent Linux Flaw for Breaches

In a recent breakthrough, researchers from Aqua Nautilus have successfully intercepted Kinsing's experimental incursions into cloud environments, shedding light on the threat actor's manual efforts to exploit the Looney Tunables vulnerability (CVE-2023-4911). This marks a pivotal moment in cybersecurity as the first documented instance of Kinsing deviating from its typical fully automated attacks to manually [...]

MuddyWater Expands Tactics in Cyber Espionage Campaign to Target Israel

Recent research by cybersecurity firms Deep Instinct and Group-IB has revealed a new spear-phishing campaign conducted by the Iranian nation-state actor known as MuddyWater. This campaign, which began during the Israel-Hamas war, showcases updated Tactics, Techniques, and Procedures (TTPs) compared to MuddyWater's previous activities. Campaign Details: MuddyWater's spear-phishing emails, dating back to 2020, have utilized [...]

AtlasCross: A New Advanced Persistent Threat Group Targeting Specific Networks

In the ever-evolving landscape of cybersecurity threats, a new adversary, AtlasCross, has emerged on the scene and raised significant concerns among cybersecurity experts. This advanced persistent threat (APT) group, recently brought to the forefront by NSFOCUS Security Labs, is known for its sophisticated tactics, careful approach, and a series of targeted attacks.  Red Cross-themed Phishing [...]

Evolving BBTok Banking Trojan Threatens Latin American Users

In a recent cybersecurity revelation, Check Point researchers have uncovered an active and evolving malware campaign that poses a severe threat to banking customers in Latin America. This campaign centers around the notorious BBTok banking trojan, which, since its initial discovery in 2020, has displayed a remarkable ability to adapt and refine its tactics to [...]

Deadglyph: Stealth Falcon's Advanced Modular Malware

In the ever-evolving landscape of cyber threats, a novel and highly sophisticated backdoor malware named 'Deadglyph' has emerged, leaving experts baffled and organizations vulnerable. This malware has recently been utilized in a cyber espionage attack against a government agency in the Middle East, shedding light on the capabilities of its creators. Here, we present a [...]

OilRig Cyber Espionage Campaigns Target Israeli Organizations

In recent years, Israeli organizations have been the primary targets of cyber espionage campaigns orchestrated by the Iranian nation-state actor known as OilRig. These campaigns, named Outer Space (2021) and Juicy Mix (2022), have revealed the group's persistent focus on gathering sensitive information from Israeli entities. Analysis by ESET sheds light on the details of [...]
