The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.
Category Added in a WPeMatico Campaign
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions
But TrojPix works only once malware is already on the target machine, so it
New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS
According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 for
Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages
In a proof of concept, they reconstructed a signed-in user’s full Gmail address from a single visit, with no click. Opera has patched the flaw and says it found no evidence that
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
Their strongest trick slipped past every scanner tested more than 90% of the time, and the same team built a runtime checker that catches most of the
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
The odd part: the group that took the money calls itself Kairos, but it may not be a ransomware gang at all. Krishnan found no sign that it ever locked a single
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
“The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices built on
New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
Bad Epoll sits in the same small stretch of kernel code where Anthropic’s most powerful AI model, Mythos, recently found a different bug.
The AI caught one flaw and missed
New Avalon Malware Framework Packs CrownX Ransomware Capabilities
Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under one
