The Hacker News

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 now employs ClickFix, fileless PowerShell, and DLL sideloading to gain stealthy access that enables ransomware ...

Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR ...

Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in ...
The Hacker News

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Researchers detail JS#SMUGGLER, a multi-stage web attack using JavaScript, HTA, and PowerShell to deploy NetSupport RAT on ...

Shanya Emerges As Top EDR-Killing Tool For Ransomware Gangs

A highly advanced “packer-as-a-service” known as Shanya, also referred to as VX Crypt, has become the preferred weapon for ransomware gangs seeking to ...
Israel National News

Hamas-linked group expands cyber espionage campaign

Palo Alto Networks reports Hamas‑linked cyber group deploying new tools and infrastructure as it targets regional governments ...
Arabian Post on MSN

LockBit 5.0 infrastructure leak reveals exposed servers and domains

Security researchers have uncovered critical infrastructure details tied to the ransomware operation LockBit 5.0, exposing a publicly accessible server and domain used by the gang. The server, ...
Infosecurity Magazine

DeadLock Ransomware Uses BYOVD to Evade Security Measures

A custom loader initiated the vulnerable driver, located targeted endpoint detection services then issued kernel-level ...