New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.

Officials of Ukraine's Defense Forces were targeted in a charity-themed campaign between October and December 2025 that ...

Iran-linked advanced persistent threat group MuddyWater has deployed a Rust-based implant in an ongoing espionage campaign ...

A malware, called “Sturnus,” has emerged, and it exploits Android’s accessibility features to spread on your phone even without you noticing. It gains access to your Android after being installed via ...

A new Android banking Trojan called Herodotus mimics human behavior, such as random keystroke delays, to evade detection tools. The malware employs device-takeover tactics, including the abuse of ...

Threat actors are conducting a new malicious campaign deploying the Stealit malware via disguised applications, according to Fortinet. The cybersecurity provider’s threat research lab, FortiGuard Labs ...

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its ...

A new report out today from mobile security firm iVerify Inc. sheds light on the alarming ease with which cybercriminals can now rent advanced Android malware through subscription-based ...

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...

Hackers are stashing malware in a place that’s largely out of the reach of most defenses—inside domain name system (DNS) records that map domain names to their corresponding numerical IP addresses.

A widespread malware campaign is currently affecting millions of smart home devices, including TVs, streaming boxes, and tablets running Android software. A recent FBI alert warns consumers about the ...