
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
North Korean APT37 deployed NarwhalRAT, a new backdoor with encrypted custom C2, via fake Microsoft OTP security alerts targeting South

ESET Research disclosed WIN_DRV, a kernel-mode Windows rootkit linked to China-aligned Earth Lusca — the first confirmed Windows variant of

Scareware tricks users with fake virus warnings into paying for rogue security software. Learn how it works, examples, and how

Attackers hijacked Awesome Motive’s CDN to push a backdoor to OptinMonster, TrustPulse, and PushEngage, creating rogue admin accounts on WordPress

OnyxC2, a new MaaS information stealer priced at $250 per month, targets 200-plus applications using DLL sideloading and encryption to

Security researcher Nightmare Eclipse dropped RoguePlanet, an unpatched LPE zero-day in Microsoft Defender that grants SYSTEM on fully patched Windows.

Exodus Intelligence released a working exploit for Linux kernel CVE-2026-23111, a nf_tables flaw enabling root escalation on unpatched Ubuntu and

Veeam patched CVE-2026-44963, a CVSS 9.4 RCE flaw letting any domain user execute code on backup servers across its 550,000-customer

Dropper malware secretly installs payloads while evading detection. Learn how droppers work, evasion techniques, and endpoint defense strategies.

Fortinet researchers found C0XMO, a Gafgyt variant exploiting CVE-2021-27137 in DD-WRT routers, that kills rival botnets and supports 19 DDoS