A routine update turned a widespread adware program into a powerful antivirus killer, putting nearly 24,000 systems at risk for cyberattacks. Discover how a single software update exposed governments, corporations, and individuals to unprecedented danger.
NWHStealer is a stealthy new malware distributed via fake VPN sites and gaming mods. It targets browser data, credentials, and cryptocurrency wallets, using advanced evasion techniques. Here’s how the campaign works—and how you can stay safe.
A new malware campaign uses fake VPN and game mod websites to distribute NWHStealer, a Windows infostealer targeting browser credentials and cryptocurrency wallets. Attackers exploit trusted brands and platforms, making vigilance crucial for users.
A dramatic surge in phishing campaigns has exposed how attackers are abusing n8n automation webhooks to deliver malware and track victims, turning trusted workflow platforms into cybercrime tools.
Cybercriminals used AI-generated news and deepfake images to hijack Google Discover feeds in a global scam, tricking millions into clicking malicious links and installing malware.
A hidden backdoor in the EssentialPlugin WordPress suite has unleashed malware across thousands of sites, highlighting the dangers of plugin supply chain attacks and the need for vigilant security practices.
A massive supply chain breach weaponized over 30 WordPress plugins, infecting hundreds of thousands of sites with hidden malware after a business acquisition went rogue. The attack lay dormant for eight months, revealing systemic flaws in WordPress plugin oversight.
A $10 unregistered domain nearly enabled hackers to seize control of 25,000 vulnerable systems worldwide—including those in OT, government, and Fortune 500 networks. Huntress researchers' swift intervention exposed a major supply chain risk.
The HanGhost loader campaign targets employees in payments and logistics, using fileless and evasive malware to infiltrate business-critical systems. Discover how this threat operates and what security teams must do to detect it before it’s too late.
A sophisticated cyberattack has weaponized Obsidian's plugin system, transforming the popular note-taking app into a stealthy cross-platform malware delivery tool. Discover how attackers bypassed traditional defenses without exploiting software bugs.