WhatsApp phishing attack uses fake business docs to hack PCs

An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript ...
WeLiveSecurity

Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances

ESET Research analyzes Gamaredon’s new toolset and the group’s growing reliance on legitimate online services to hide its C&C ...
Moneylife

Fraud Alert: Boss Scam 2.0 & Risky Attachments on WhatsApp

Fiercely independent and pro-consumer information on personal finance. Complete access to Moneylife archives since inception ...
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
TMCnet

ESET Research investigates Russian-aligned Gamaredon group - new toolset, alliances, and a reliance on legitimate services

Throughout 2025, the Russia-aligned Gamaredon threat group exclusively targeted governmental and military institutions in Ukraine. Gamaredon operators developed and deployed six new malicious ...

New WhatsApp phishing campaign allows for remote access from a single business document

WhatsApp users are getting shady documents from their contacts, leading to an infection.
The Hacker News

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The ...
Windows Report

WhatsApp Malware Campaign Targets Users With Fake Business Documents

Kaspersky warns of a WhatsApp malware campaign using fake business documents to install remote access tools on Windows PCs.
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.
Dark Reading

Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs

At least two Russia-aligned threat clusters have exploited a high-severity WinRAR flaw that has been patched for nearly a year in email-based attacks against military and government organizations in ...