Advertisement
Understanding Persistent BEC Success: AI-Driven Defense & Mitigation
BEC attacks thrive on sophisticated impersonation, bypassing traditional defenses. This analysis explores why these threats persist and offers AI-driven detection and
WordPress Formidable Forms Abused to Distribute Malicious PDF Files
Attackers are leveraging the WordPress Formidable Forms plugin to host malicious PDF documents, bypassing security filters to deliver phishing and malware.

Russian Intelligence Steals Messaging Credentials via SMS Lures
Ukraine and the FBI expose a long-running Russian intelligence campaign using fake support messages to compromise officials' messaging accounts.

FBI Warns: Russian APTs Target Signal Backup Keys via Phishing
FBI and CISA warn of Russian intelligence targeting Signal users. Attackers phish for backup recovery keys, enabling full account takeover and message history access.

Operation Escaneo: Hybrid Espionage and Cybercrime Trends in LatAm
Analysis of Operation Escaneo, a threat group blending intelligence collection with cybercrime across Latin America using njRAT and AsyncRAT variants.

NastyC2 npm Packages, AI Abuse & macOS Threats Identified
Analysis of NastyC2 npm supply chain attacks, Claude chat abuse for malware, memory-resident macOS threats, and device-code phishing.

ScarCruft Deploys NarwhalRAT via Fake Microsoft Security Alerts
North Korean threat actor ScarCruft (APT37) is deploying NarwhalRAT via spear-phishing emails that mimic official Microsoft Account security notifications.

North Korean APT Targets Developers via Malicious Tooling
North Korean threat cluster Contagious Interview exploits developer recruitment and code review phishing to deliver malware via tainted dev tools.
NSO Group Phishing Operations Persist Against WhatsApp Users
NSO Group continues to target WhatsApp users with phishing attacks in violation of court orders. Learn how to detect NSO Group phishing attacks today.

NSO Group's WhatsApp Phishing Blocked: Meta Files Contempt Order
Meta detected and blocked new spear-phishing attacks by NSO Group targeting WhatsApp users, leading to a federal court contempt order filing.
Excel VBA Macro Obfuscation: How to Detect Hidden Payloads
Learn how to analyze and detect obfuscated VBA macros in Excel files using oledump.py. Technical guide on character substitution and string reversal techniques.
2026 Verizon DBIR Analysis: Securing the Browser Against Phishing
The 2026 Verizon DBIR identifies browser-layer security gaps as a primary threat vector, highlighting risks from phishing, shadow AI, and malicious extensions.