Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets
The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.
The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in tools, victimology, and TTPs.
A equipe de pesquisadores da Check Point Research (CPR), divisão de inteligência de ameaças da Check Point Software, divulgou seu relatório sobre Ranking de Phishing de Marcas referente ao primeiro trimestre de 2026, revelando que a Microsoft segue como a marca mais falsificada e…
Poucas empresas estão preparadas para se defender contra agentes de IA autônomos, que executam tarefas e criam subagentes que tomam decisões sem intervenção humana (IA agêntica), conforme alerta da Elytron Cybersecurity, especializada em serviços ofensivos e defensivos de seguran…
Um vazamento de dados do fórum RAMP (Russian Anonymous Marketplace) revelou o funcionamento de um dos mais estruturados mercados de ransomware da Rússia, com 7.707 usuários registrados, 1.732 tópicos de fórum e 340.333 registros de IP, conforme análise publicada pelo portal Compa…
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. [...]
China's state-backed groups are now using covert networks of compromised devices to execute attacks in a low-cost, low-risk, and deniable way.
Technically speaking, there's no practical benefit to use PQC. So why is it being used?
Uma variação do malware Mirai está ameaçando roteadores D-Link da série DIR-823-X, permitindo que hackers consigam tomar o controle dos aparelhos de internet sem maiores problemas. Segundo análise da empresa de segurança Akamai, a ameaça foi detectada pela primeira vez no início …
The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects. [...]
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. [...]
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. "As with many other intrusions in recent years, UNC6692 relied heavily on imperson…
A CISA (Agência de Segurança Cibernética e Infraestrutura dos EUA) atualizou hoje sua Diretiva de Emergência ED 25-03 e publicou uma análise do malware FIRESTARTER, um backdoor persistente que afeta dispositivos Cisco Firepower e Secure Firewall com software Adaptive Security App…
New GoGra Linux malware linked to Harvester APT targets systems in South Asia, using fake PDFs and Microsoft APIs for covert command and control.
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. [...]
Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandled memory files will continue threaten AI systems.
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket. "The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code was published in 'bw1.js,' a file inc…
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. A…
The United Kingdom's National Cyber Security Centre (NCSC-UK) and international partners warned that China-nexus hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade detection and disguise their malicious activity. [...]
A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities. [...]
Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerabili…