Malware
Curated coverage and analysis in this editorial area.
Nimbus Manticore: Iranian APT Leverages AI-Assisted Backdoors to Target Aviation and Software Sectors
The Iranian threat group Nimbus Manticore has expanded its operations, targeting aviation and software entities across Saudi Arabia, A…
F-Secure Leverages Android Accessibility for Scam Defense: A High-Privilege Trade-off
F-Secure Internet Security for Android utilizes Accessibility Services permissions to monitor URLs in Chrome and block phishing, highl…
TrapDoor Campaign Targets Crypto and AI Developers via 34+ Malicious Packages
The TrapDoor campaign deployed credential-stealing malware across npm, PyPI, and Crates.io, exfiltrating crypto wallets and weaponizin…
Radiology Associates of Richmond Discloses Breach Affecting 266,000 Following Nine-Month Investigation
Radiology Associates of Richmond has confirmed a July 2025 data breach impacting over 266,000 patients. The disclosure follows a nine-…
NGate Malware Trojanizes HandyPay App to Steal Contactless PINs in Brazil
ESET Research has uncovered a new NGate variant that trojanizes the legitimate HandyPay Android app to relay NFC data and intercept PI…
Ransomware 2026: Post-Quantum Ciphers, Encryptionless Extortion, and the Rise of EDR-Killers
The 2026 ransomware landscape is defined by the adoption of post-quantum algorithms and a shift toward encryptionless extortion, with…
Cloud Atlas Upgrades Arsenal: Novel Backdoors and Stealth RDP Patching for Cyber-Espionage
Between 2025 and 2026, the Cloud Atlas APT deployed previously undocumented backdoors, VBCloud and PowerShower, alongside modified sys…
M365 Phishing: How Kali365 and EvilTokens Bypass MFA Without Passwords
Two emerging Phishing-as-a-Service (PhaaS) platforms are leveraging device code phishing and OAuth consent abuse to hijack Microsoft 3…
Unit 42: Frontier AI Models Exploiting Open-Source Transparency to Automate Supply Chain Attacks
Frontier AI models are demonstrating the autonomous reasoning required to identify vulnerabilities in open-source code and orchestrate…
18 Malicious AI Extensions Exposed: Unit 42 Details Email Spying and RAT Risks
Palo Alto Networks Unit 42 has uncovered 18 AI browser extensions that masquerade as productivity tools while deploying RATs and spyin…
GitHub: 3,800 Internal Repos Exfiltrated via Trojanized VS Code Extension
GitHub has confirmed the theft of approximately 3,800 internal repositories after an employee installed a trojanized version of the Nx…
Ransomware 2026: Extortion Tactics Pivot Beyond File Encryption
Kaspersky’s May 12, 2026 report reveals a fundamental shift in the threat landscape: as encryption loses its leverage, attackers are p…