A recently reported cybersecurity incident has revealed a stealthy infection chain employed by the Chinese state-sponsored group known as Stone Panda. This threat actor has been targeting various entities in Japan, including media outlets, governmental and public sector organizations, as well as think tanks, raising alarms about the potential risk…
Emerging Cyber Threat: Collaboration Between Head Mare and Twelve Targets Russian Entities Recent intelligence from Kaspersky has revealed that two threat groups, known as Head Mare and Twelve, appear to have aligned their efforts to launch cyberattacks against Russian organizations. The firm’s analysis indicates that Head Mare has adopted tools…
A new variant of data-wiping malware, identified as CryWiper, has emerged and is specifically targeting Russian government institutions, such as mayoral offices and courthouses. Unlike traditional ransomware that encrypts data, CryWiper masquerades as ransomware but ultimately destroys data without providing any means of recovery. Kaspersky researchers Fedor Sinitsyn and Janis…
Sticky Werewolf: A New Wave of Cyberattacks Targeting Russia and Belarus The cybersecurity landscape has recently seen the emergence of a new threat actor known as Sticky Werewolf. This group is linked to targeted cyber operations primarily aimed at organizations in Russia and Belarus, utilizing a newly identified implant designed…
Google has issued urgent out-of-band security updates to rectify a critical vulnerability in its Chrome browser for Windows. This flaw, designated as CVE-2025-2783 (CVSS score: 8.3), has reportedly been exploited in real-world phishing attacks aimed primarily at organizations in Russia. Described as stemming from an “incorrect handle provided in unspecified…
This week brought a significant cybersecurity incident involving a 23-year-old Serbian activist whose Android device fell prey to a sophisticated zero-day exploit. Developed by Cellebrite, this exploit chain compromised the user’s phone, likely enabling the deployment of a spyware solution known as NoviSpy. The vulnerabilities, which exploit weaknesses in the…
Recent reports indicate that a new backdoor, deriving its functionalities from the CIA’s Hive multi-platform malware suite, has been deployed by unidentified threat actors. This suite, whose source code was exposed by WikiLeaks in November 2017, has shown new adaptability in the wild. Qihoo Netlab 360’s Alex Turing and Hui…
In an era where cyber threats are not merely evolving but rapidly mutating, the cybersecurity landscape continues to challenge defenses across various sectors, from global financial frameworks to vital infrastructure. With the advent of sophisticated cybercrime, ranging from state-sponsored espionage to ransomware attacks leveraging artificial intelligence, pressing questions arise about…
A new variant of the advanced point-of-sale (PoS) malware known as Prilex has emerged from Brazilian cybercriminals, introducing capabilities to disrupt contactless payment transactions. This follows the trend of malware evolution, as Prilex has shifted focus from ATM targeting to sophisticated PoS infiltration since its inception in 2014. According to…
