
Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps
The Rokarolla Android banking trojan evolved beyond credential theft with a 137-command C2 framework targeting 217 banking and cryptocurrency applications.

Researchers identified Phantom Stealer as a new fileless credential stealer targeting all browsers via in-memory execution and anti-analysis techniques.

Investigation reveals INC ransomware achieves consistent revenue by targeting healthcare, education, and local government with rapid encryption and data exfiltration.

Gentlemen ransomware-as-a-service operation develops and maintains purpose-built endpoint detection kill tools to disable security protections before ransomware deployment.

Symantec found that DragonForce ransomware deployed Backdoor.Turn, a Go implant that hides C2 traffic inside Microsoft Teams TURN relay infrastructure.

Zimperium disclosed Rokarolla, an Android trojan with a 137-command C2 framework that targets 217 banking and cryptocurrency apps via dynamic

Nightspire ransomware listed four US victims including Blue Nile Medical Center with 3,000 exposed patient EHR records and Silsbee Police

Oleksii Lytvynenko, a Ukrainian national extradited from Ireland, pleaded guilty to developing the malware loader that delivered Conti ransomware payloads.

TheGentlemen ransomware posted 20 new victims across 14 countries, including Croatia’s Health Ministry and Denmark’s National Museum, using double extortion.

Triple extortion ransomware attacks combine encryption, data theft, and DDoS pressure to coerce payment from multiple angles. This guide explains

Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.

A recent FBI takedown of the LeakBase cybercrime forum disrupts major online criminal activities.

Texas accuses TP-Link of falsely advertising its routers’ security, allowing Chinese state-backed hackers to exploit firmware vulnerabilities and acce…

Polish authorities have arrested a 47-year-old man suspected of participating in cybercrimes associated with the Phobos ransomware. During the operation,

The FBI has effectively dismantled RAMP, a prominent cybercriminal forum. Known for its bold promotion of ransomware activities, RAMP’s seizure

Decentralized pro-Russian hacktivist cells execute targeted DDoS campaigns across Europe, leveraging volunteer botnets and pre-announced attacks to disrupt governments, banks,

Ukraine and Germany confirm the identity of the Black Basta ransomware leader, now on the Europol and Interpol wanted lists.

Russian national Oleg Evgenievich Nefekov, involved in major ransomware activities, has evaded capture, reportedly returning to his homeland. German authorities

A significant legal breakthrough marks only the second successful prosecution of a consumer spyware vendor in over ten years by

In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group

Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as

Artem Stryzhak, an alleged affiliate of the Nefilim ransomware group, has pleaded guilty to conspiracy to commit computer fraud in