The Hacker News

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Updated LOTUSLITE targets India banking sector via CHM and DLL side-loading, expanding espionage campaign to South Korea and ...
The Hacker News

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

Tropic Trooper used trojanized SumatraPDF and GitHub C2 in 2024 to deploy AdaptixC2, enabling covert VS Code tunnel access.
Infosecurity Magazine

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...
Dark Reading

'The Gentlemen' Rapidly Rises to Ransomware Prominence

Not nearly as polite as the name suggests, the ransomware gang has impressed researchers with its speed in scaling up ...

Threat actor uses Microsoft Teams to deploy new “Snow” malware

A threat group tracked as UNC6692 uses social engineering to deploy a new "Snow" malware set that includes a browser ...
Cryptopolitan

North Korea’s Lazarus Group targets crypto, high-value execs with ‘Mach-O Man’ macOS malware kit

North Korea's Lazarus Group has launched advanced malware targeting macOS devices. Mach-O Man, as it is called, is designed ...

The Gentlemen ransomware now uses SystemBC for bot-powered attacks

A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an ...

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are abusing Microsoft Teams chats to impersonate IT support, gain remote access, move laterally, and steal company ...
Security Boulevard

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...
DataBreachToday

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...
Hosted on MSN

Cloud tools reshape how Minecraft servers are run and secured

Cloud platforms, automation mods, and remote management tools are redefining Minecraft server hosting, blending gaming culture with enterprise-grade practices. From Google Cloud setups to plugins that ...

New Mac malware goes straight for developer keys

Two newly discovered macOS threats are designed to harvest developer credentials and cloud access as attackers focus on ...