Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
June 17, 2026
Zimperium disclosed Rokarolla, an Android trojan with a 137-command C2 framework that targets 217 banking and cryptocurrency apps via dynamic
Endpoint Security
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Zimperium disclosed Rokarolla, an Android trojan with a 137-command C2 framework that targets 217 banking and cryptocurrency apps via dynamic overlay attacks.
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
Kaspersky found malicious Wallpaper Engine packages on Steam Workshop delivering DarkKomet, Lumma, Vidar, and ransomware loaders to gamers who installed them.
GhostTree NTFS Junctions Paralyze Windows Defender Scans
Varonis disclosed GhostTree, an NTFS junction technique that uses recursive loops to block Windows Defender scans, requiring only standard user permissions.
Endpoint Security Solutions: How to Protect Every Enterprise Device
Discover what endpoint security solutions are, how EDR and EPP work, and how to implement enterprise endpoint protection.
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
North Korean APT37 deployed NarwhalRAT, a new backdoor with encrypted custom C2, via fake Microsoft OTP security alerts targeting South Korean defense and crypto sectors.
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
ESET Research disclosed WIN_DRV, a kernel-mode Windows rootkit linked to China-aligned Earth Lusca — the first confirmed Windows variant of SprySOCKS — signed with a ...
What Is Scareware? How Fake Security Warnings Lead to Real Malware
Scareware tricks users with fake virus warnings into paying for rogue security software. Learn how it works, examples, and how to remove it.
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
Attackers hijacked Awesome Motive's CDN to push a backdoor to OptinMonster, TrustPulse, and PushEngage, creating rogue admin accounts on WordPress sites.
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
OnyxC2, a new MaaS information stealer priced at $250 per month, targets 200-plus applications using DLL sideloading and encryption to evade detection.
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Security researcher Nightmare Eclipse dropped RoguePlanet, an unpatched LPE zero-day in Microsoft Defender that grants SYSTEM on fully patched Windows.
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
June 17, 2026
Kaspersky found malicious Wallpaper Engine packages on Steam Workshop delivering DarkKomet, Lumma, Vidar, and ransomware loaders to gamers who installed
GhostTree NTFS Junctions Paralyze Windows Defender Scans
June 17, 2026
Varonis disclosed GhostTree, an NTFS junction technique that uses recursive loops to block Windows Defender scans, requiring only standard user
Endpoint Security Solutions: How to Protect Every Enterprise Device
June 17, 2026
Discover what endpoint security solutions are, how EDR and EPP work, and how to implement enterprise endpoint protection.
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
June 16, 2026
North Korean APT37 deployed NarwhalRAT, a new backdoor with encrypted custom C2, via fake Microsoft OTP security alerts targeting South
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
June 16, 2026
ESET Research disclosed WIN_DRV, a kernel-mode Windows rootkit linked to China-aligned Earth Lusca — the first confirmed Windows variant of
What Is Scareware? How Fake Security Warnings Lead to Real Malware
June 15, 2026
Scareware tricks users with fake virus warnings into paying for rogue security software. Learn how it works, examples, and how
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
June 15, 2026
Attackers hijacked Awesome Motive’s CDN to push a backdoor to OptinMonster, TrustPulse, and PushEngage, creating rogue admin accounts on WordPress
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
June 12, 2026
OnyxC2, a new MaaS information stealer priced at $250 per month, targets 200-plus applications using DLL sideloading and encryption to
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
June 11, 2026
Security researcher Nightmare Eclipse dropped RoguePlanet, an unpatched LPE zero-day in Microsoft Defender that grants SYSTEM on fully patched Windows.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.