Hackers stole nearly $140 million from six banks in Brazil by using an employee's credentials from C&M, a company that offers financial connectivity solutions. [...]
Iran-aligned BladedFeline group has been observed targeting the government of Iraq and KRG with advanced malware
Building on perfect scores in the most rigorous, real-world tests to date, Symantec and Carbon Black once again best the competition
Notice: The June 2025 trend report on the Deep Web & Dark Web is composed of the following topics: Ransomware, Data Breach, DarkWeb, CyberAttack, and Threat Actor. Please note that some of the...
This report comprehensively covers actual cyber threats and security issues related to financial companies in South Korea and abroad. This article includes an analysis of malware and phishing...
A malware analyst discovered a new version of the Atomic macOS info-stealer (also known as 'AMOS') that comes with a backdoor, giving attackers persistent access to compromised systems. [...]
This new piece co-authored by the Citizen Lab’s Gabrielle Lim discusses the risks of privatized space technology. She and her co-authors highlight that the issue is not private-sector involvement,...
Written by: Jaysn Rye. Executive Summary: As adversaries grow faster, stealthier, and more destructive, traditional recovery strategies are increasingly insufficient. Mandiant's M-Trends 2025 report...
2025-07-01 • SpyCloud • SpyCloud Labs Research Team
2025-07-02 • CrowdStrike • Counter Adversary Operations
2025-07-03 • Rapid7 • Rapid7 • win.mimikatz, win.poortry
2025-06-30 • Microsoft • Microsoft Threat Intelligence
In May 2025, Cybereason Global Security Operations Center (GSOC) detected that threat actors have been hosting malicious WordPress websites to deliver malicious versions of the legitimate...
Over the last ten years, more than 600 million websites have been secured with free certificates from Let's Encrypt. Here's how it all began and why.
2025-07-04 • Qianxin • RedDrip7
SatanLock ransomware gang shuts down after weeks of attacks and plans to leak stolen victim data. Group linked to Babuk-Bjorka and GD Lockersec families.
Democrats have critiqued the bill for not protecting funds for the Cybersecurity and Infrastructure Security Agency.
Qantas has confirmed that it is now being extorted by threat actors following a cyberattack that potentially exposed the data for 6 million customers. [...]
Vulnerability research company WatchTowr published a detection analysis for the Citrix Bleed 2 flaw
Ingram Micro is one of the largest distributors of tech and cloud products.
A previously undocumented spyware called 'Batavia' has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures. [...]
Stephen Bonner, a top official at Britain's Information Commissioner’s Office (ICO), is set to join TikTok later this year, a move drawing criticism as an example of the "revolving door" between...
A Use of Hard-coded Password vulnerability (CVE-2025-3920) has been found in SUR-FBD CMMS software.
Cybersecurity researchers have observed a 156% increase in credential theft incidents between 2024 and Q1 2025
AI coding is a big security problem when most security teams are still relying on tools designed for a world where human-written code remains prevalent.
Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the...
A hacking group with ties other than Pakistan has been found targeting Indian government organizations with a modified variant of a remote access trojan (RAT) called DRAT. The activity has been...
Intel 471’s latest intelligence update for July reveals a surge in sophisticated cyber campaigns carried out by advanced...
Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices.
The Federal Energy Regulatory Commission (FERC) has published a final action notice that approves proposed Reliability Standard CIP-015-1...