Two apparently separate North Korean crypto theft campaigns targeting macOS users appear to be linked as threat actors mix and match droppers and payloads.
Learn how threat actors are exploiting Confluence CVE-2023-22518 to deploy Cerber ransomware on Linux and Windows hosts.
An emerging infostealer being sold on Telegram looks to harness generative AI to streamline cyber attacks on cloud services.
The rise of macOS infostealers continues with the latest entrant aiming to compromise business environments with targeted social engineering lures.
Notorious botnet and infostealer XLoader makes a return to macOS with a new dropper and malware payload.
Understanding the complex threat landscape facing businesses today from state-sponsored cyber attacks is crucial to effective cyber defense.
Crimeware actors have launched an extensive campaign to target macOS users with malware disguised in multiple fake blockchain games.
Threat actors are using increasingly sophisticated forms of evasion and anti-analysis as they respond to increased attention to macOS security in the enterprise.
A macOS infostealer being sold on Telegram, Atomic Stealer has a second variant that appears primed to target users directly on YouTube.
Discovery of a macOS variant of LockBit has caused alarm, but how serious a threat is it? We explore the malware and the threat of ransomware on Apple Macs.
SentinelLabs uncover a previously unknown set of espionage campaigns conducted by the Winter Vivern advanced persistent threat (APT) group.
Stealing data from Mac devices can unlock the door for both financially-motivated cybercrime and espionage. Learn how recent macOS malware does it.
The rise of publicly-accessible AI models like ChatGPT has produced some interesting attempts to create malware. How seriously should defenders take them?
A cryptominer that uses the Invisible Internet protocol, Honkbox variants could still be evading some detection solutions.
.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.
SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.
Stay ahead of the game with our review on macOS malware threats. Learn about the top techniques used by threat actors to deliver malware and how to build more resilient defenses.
The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.
In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.
New PolyVice ransomware is likely in use by multiple threat actors building re-branded payloads with the same custom encryption scheme.