How to Detect Threats Early For Fast Incident Response: 3 Examples
Security Operations Center (SOC) teams are now facing an increasingly complex challenge: identifying and responding to security incidents before they can cause significant damage.
The key to effective incident response is not just detecting...
New Sorillus RAT Actively Attacking European Organizations Via Tunneling Services
European organizations are facing a sophisticated cyber threat as the Sorillus Remote Access Trojan (RAT) emerges as a prominent weapon in a multi-language phishing campaign targeting businesses across Spain, Portugal, Italy, France, Belgium, and...
New KimJongRAT Stealer Using Weaponized LNK File to Deploy Powershell Based Dropper
A sophisticated evolution of the KimJongRAT malware family has emerged, demonstrating advanced techniques for credential theft and system compromise through weaponized Windows shortcut files and PowerShell-based payloads.
This latest campaign represents a significant advancement from...
New Variants of Chaos RAT Attacking Windows and Linux Systems to Steal Sensitive Data
Cybersecurity researchers have identified sophisticated new variants of Chaos RAT, a remote administration tool that has evolved from an open-source project into a formidable cross-platform malware threat targeting both Windows and Linux systems.
Originally documented...
New Sophisticated Multi-Stage Malware Campaign Weaponizes VBS Files to Execute PowerShell Script
Security researchers have uncovered a sophisticated malware campaign utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy multiple types of remote access trojans (RATs).
The campaign, discovered in June 2025, involves a cluster of...
Beware of Weaponized Research Papers That Delivers Malware Via Password-Protected Documents
A newly identified malware campaign orchestrated by the notorious Kimsuky group has been leveraging password-protected research documents to infiltrate academic networks and compromise sensitive systems.
This sophisticated attack represents a significant evolution in social engineering...
Kimsuky and Konni APT Groups Accounts Most Active Attacks Targeting East Asia
North Korean state-sponsored advanced persistent threat (APT) groups Kimsuky and Konni have emerged as the most prolific cyber threat actors targeting East Asian nations, according to the latest threat intelligence findings.
In April 2025, these...
XDSpy Threat Actors Leverages Windows LNKs Zero-Day Vulnerability to Attack Windows System Users
A sophisticated cyber espionage campaign attributed to the XDSpy threat actor has recently been discovered exploiting a zero-day vulnerability in Windows shortcut files.
This threat actor, which has operated largely undetected from 2011 until its...
Hackers Deliver Fileless AsyncRAT Using Clickfix Technique via Fake Verification Prompt
A sophisticated fileless malware campaign targeting German-speaking users has emerged, employing deceptive verification prompts to distribute AsyncRAT through the increasingly popular Clickfix technique.
The malware masquerades as a legitimate "I'm not a robot" CAPTCHA verification,...
Water Curse Hacker Group Weaponized 76 GitHub Accounts to Deliver Multistage Malware
A sophisticated threat actor known as Water Curse has exploited the inherent trust in open-source software by weaponizing at least 76 GitHub accounts to distribute malicious repositories containing multistage malware.
The campaign represents a significant...
