Kaspersky found a WhatsApp phishing campaign using VBScript to install ManageEngine RMM software across multiple countries, granting attackers remote access.
Learn what cloud detection and response (CDR) is, how it works, and practical steps to secure cloud workloads with real‑time
Zimperium disclosed Rokarolla, an Android trojan with a 137-command C2 framework that targets 217 banking and cryptocurrency apps via dynamic
Kaspersky found malicious Wallpaper Engine packages on Steam Workshop delivering DarkKomet, Lumma, Vidar, and ransomware loaders to gamers who installed
Varonis disclosed GhostTree, an NTFS junction technique that uses recursive loops to block Windows Defender scans, requiring only standard user
Discover what endpoint security solutions are, how EDR and EPP work, and how to implement enterprise endpoint protection.
North Korean APT37 deployed NarwhalRAT, a new backdoor with encrypted custom C2, via fake Microsoft OTP security alerts targeting South
ESET Research disclosed WIN_DRV, a kernel-mode Windows rootkit linked to China-aligned Earth Lusca — the first confirmed Windows variant of
Scareware tricks users with fake virus warnings into paying for rogue security software. Learn how it works, examples, and how
Attackers hijacked Awesome Motive’s CDN to push a backdoor to OptinMonster, TrustPulse, and PushEngage, creating rogue admin accounts on WordPress
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.