New malware LOSTKEYS uncovered in COLDRIVER campaign targeting Western governments and NGOs
The Google Threat Intelligence Group (GTIG) has recently uncovered a sophisticated new malware strain, dubbed LOSTKEYS, deployed by the Russian…
German authorities shut down major crypto-swapping platform “eXch,” seizing €34 million in illicit assets
On April 30, 2025, the Frankfurt am Main General Prosecutor’s Office-Central Unit for Combating Internet Crime (ZIT)-in close collaboration with…
Tactical reality behind the India-Pakistan hacktivist surge
In May 2025, a wave of hacktivist activity targeting Indian digital infrastructure sparked widespread alarm in media and social networks,…
From PDF invoice to geo-fenced RAT delivery campaign
A recent campaign targeting Southern European organizations demonstrates advanced evasion techniques combining social engineering, trusted platforms, and geolocation filtering. The…
Emerging DOGE Big Balls ransomware campaign leverages multi-stage tooling and BYOVD exploits
A recent analysis of newly discovered payloads linked to the DOGE Big Balls ransomware operation reveals a complex infection chain…
Malicious npm packages hijack macOS Cursor AI IDE
The Socket Threat Research Team has uncovered a sophisticated supply chain attack targeting macOS developers using the Cursor AI code…
Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH
A recently discovered Linux backdoor (SHA256: ea41b2bf1064efcb6196bb79b40c5158fc339a36a3d3ddee68c822d797895b4e) employs advanced evasion techniques to bypass detection while establishing persistent access via SOCKS5…
US indicts Black Kingdom ransomware operator: technical analysis of ProxyLogon exploitation and law enforcement response
The U.S. Department of Justice unsealed charges against Yemeni national Rami Khaled Ahmed (36) for deploying Black Kingdom ransomware via…