A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google Photos, TikTok, and YouTube. […]
Microsoft: Hackers target universities in “payroll pirate” attacks
A cybercrime gang tracked as Storm-2657 has been targeting university employees in the United States to hijack salary payments in “pirate payroll” attacks since March 2025. […]
Hackers now use Velociraptor DFIR tool in ransomware attacks
Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. […]
Microsoft Defender mistakenly flags SQL Server as end-of-life
Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to incorrectly tag SQL Server software as end-of-life. […]
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware
A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL.
“The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, completely
“The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, completely
RondoDox botnet targets 56 n-day flaws in worldwide attacks
A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions. […]
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them.
“Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with the front
“Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with the front
Microsoft: Windows Backup now available for enterprise users
Microsoft announced this week the general availability of Windows Backup for Organizations, a new enterprise-grade backup tool that helps simplify backups and makes the transition to Windows 11 easier. […]
SonicWall: Firewall configs stolen for all cloud backup customers
SonicWall has confirmed that all customers that used the company’s cloud backup service are affected by the security breach last month. […]
From infostealer to full RAT: dissecting the PureRAT attack chain
Researchers map a campaign that escalated from a Python infostealer to a full PureRAT backdoor — loaders, evasions, and TLS-pinned C2. Join Huntress Labs’ Tradecraft Tuesday for deep technical walkthroughs and live IOC guidance on the latest cybersecurity topics. […]