News • Insights • Analysis
During a September 2025 incident response investigation, Unit 42 discovered a rogue virtual machine (VM) which they believe with high confidence to be used by the cybercrime group Muddled Libra (aka Scattered Spider, UNC3944). The contents of this rogue VM Read More …
North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069, a financially motivated threat actor active since Read More …
Russian cybercriminals are trying to deploy backdoors and infostealers on people’s computers through a new ClickFix campaign – but this one comes with a sinister twist. ClickFix attacks are usually centered around pop-ups – the victim gets an error message, Read More …
In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for popular games like Rust, Counter-Strike, and Roblox, or as cracked software. In September, the attackers decided Read More …
Brazil has seen a recent surge of threats delivered via WhatsApp. As observed in Trend Micro previously published research on the SORVEPOTEL malware and the broader Water Saci campaignopen on a new tab, this popular platform has been used to Read More …
North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned. Security researchers Jamf confirmed they have spotted attacks in the wild Read More …
The construction sector is increasingly vulnerable to ransomware attacks in 2025 due to its complex ecosystem and distinctive operational challenges. Construction projects typically involve a web of contractors, subcontractors, suppliers, and consultants, collaborating through shared digital platforms and exchanging sensitive Read More …
Phishing remains one of the most persistent and adaptive threats in cybersecurity. It is common and widespread for cybercriminals to impersonate reputable IT companies in phishing campaigns, exploiting the trust these brands have built and thus targeting both affected companies Read More …
The Federal Bureau of Investigation (FBI) warns the public about an evolving financial fraud scheme targeting Chinese speaking individuals residing in the United States in which criminals impersonate US health insurance providers and Chinese law enforcement. Targeted individuals receive a Read More …
Imagine a scenario where malicious actors don’t need to trick you into giving up your password. They have no need to perform sophisticated social engineering attacks or exploit vulnerabilities in your operating system.Instead, they can simply force your computer to Read More …
