According to security firm ZScaler, the popular information stealer and malware downloader StealC has received a massive upgrade in recent months and is currently tracked by multiple sources as Stealc_v2. StealC has been sold on underground hacking forums since January 2023. In March 2025, Ste
Despite several international law enforcement operations cracking down on ransomware operations, cybercriminals still make significant profits despite the risk. Law enforcement operations have forced certain ransomware groups, particularly those in the Ransomware-as-a-Service (RaaS) sphere, to evolv
In a new report published by fraud prevention firm Cleafy, researchers have discovered a new Android-based malware, named SuperCard X, that is capable of fraudulently authorizing Point-of-Sale (POS) payments and Automated Teller Machine (ATM) withdrawals by intercepting and relaying Near Field Commu
In a new report by Morphisec, security researchers discovered a new malware threat targeting healthcare organizations. The threat is named ResolverRAT by Morphisec researchers due to its heavy reliance on runtime resolution mechanisms and dynamic resource handling, which makes the remote access troj
A new report published by Outpost24 and written by Kraken Labs unveils the double life lived by up-and-coming threat actor EncryptHub, who has been linked to the breaching of 618 organizations to deploy ransomware and info stealers. The part-time threat actor is believed to have also reported two vu
Android users have long been the target of sophisticated banking trojan malware families. Some of the most prevalent threats, which have seen constant development and evolution, are Anatsa, Hook, and Octo. In a recent report by Threat Fabric, a new malware strain, Crocodilus, can be added to that li
Security firm Cyfirma has recently discovered a new ransomware-as-a-service (RaaS) called VanHelsing. Once a name given to mythical slayers of Vampires, VanHelsing is now attached to a criminal enterprise designed to siphon a business' lifeblood in return for decrypting data, which the threat actors
In a blog post published by Kaspersky Labs, security researchers revealed the discovery of a new information-stealing malware called Arcane Stealer by the cybersecurity firm. The malware is distributed fairly novel, in that it is distributed via YouTube and videos that provide users with computer ga
In a recent attack by Akira ransomware threat actors, attempts to encrypt data were initially stopped; however, an unpatched webcam proved to be the entry point threat actors were looking for and managed to bypass Endpoint Detection and Response Software installed on the enterprise machines. T
On February 21, 2025, Bybit reported that it had suffered a massive cryptocurrency theft, estimated at 1.46 billion USD using that day's exchange rate. Ethereum (ETH) was stolen from one of its ETH cold wallets, which stores cryptocurrency private keys offline. In practice, private keys are transfe