Bleeping Computer

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. Researchers at cybersecurity ...

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

This Scam Impersonates the Official Claude Code Website to Spread Malware

Scammers are using cloned versions of popular AI coding tools to spread info-stealing malware through fake installation ...
Computer Weekly

APT36 unleashes AI-generated ‘vibeware’ to flood targets

The Pakistani threat group has been using AI to rewrite malicious code across multiple programming languages, prioritising scale over sophistication to evade detection, security researchers have found ...
IEEE

Designing a Static Malware Analysis Framework for Detecting Malicious Malware Code with Ghidra

Abstract: Malware analysis is an integral part of cybersecurity, however traditional signature-based detection techniques are inadequate for advanced obfuscation techniques. This paper proposes a ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...