Emerging DOGE Big Balls ransomware campaign leverages multi-stage tooling and BYOVD exploits
A recent analysis of newly discovered payloads linked to the DOGE Big Balls ransomware operation reveals a complex infection chain…
Malicious npm packages hijack macOS Cursor AI IDE
The Socket Threat Research Team has uncovered a sophisticated supply chain attack targeting macOS developers using the Cursor AI code…
Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH
A recently discovered Linux backdoor (SHA256: ea41b2bf1064efcb6196bb79b40c5158fc339a36a3d3ddee68c822d797895b4e) employs advanced evasion techniques to bypass detection while establishing persistent access via SOCKS5…
US indicts Black Kingdom ransomware operator: technical analysis of ProxyLogon exploitation and law enforcement response
The U.S. Department of Justice unsealed charges against Yemeni national Rami Khaled Ahmed (36) for deploying Black Kingdom ransomware via…
Sophisticated npm malware campaign exploits cross-ecosystem typosquatting
A coordinated malware operation targeting npm employs cross-ecosystem typosquatting to mimic popular libraries from Python, Java, C++, and .NET ecosystems.…
Dismantling “764”: inside the takedown of a sophisticated child exploitation network
In a significant development for cybersecurity and child protection efforts, law enforcement agencies have successfully apprehended two key figures allegedly…
Hijacking trust: how Gmail and Google APIs are being weaponized for stealthy C2 channels
In the ever-evolving landscape of cybersecurity, attackers are increasingly exploiting trusted services to establish covert command-and-control (C2) channels. By leveraging…
Kintetsu World Express ransomware attack: technical overview and response
Kintetsu World Express (KWE), a major Japanese global logistics provider, has confirmed a significant ransomware attack that began impacting its…