The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

In mid-2025, Kaspersky researchers identified a malicious driver file on computer systems in Asia. The driver file is signed with an old, stolen, or leaked digital certificate and registers as a mini-filter driver on infected machines. Its end goal is to …

Malware in 2025 spread far beyond Windows PCs

If there’s one thing that became very clear in 2025, it’s that malware is no longer focused on Windows alone. We’ve seen some major developments, especially in campaigns targeting Android and macOS. Unfortunately, many people still don’t realize that protecting …

Accused data thief threw MacBook into a river to destroy evidence

South Korean e-tailer Coupang claims a former employee has admitted to improperly accessing data describing 33 million of its customers, but says the accused deleted the stolen data. In a post published on Christmas, Coupang revealed it worked with Mandiant, Palo …

South Korea: Shinhan Card reports massive data breaches

Shinhan Card, one of the country’s top credit card issuers, reported a massive data leak Tuesday. The Seoul-based company said more than 190,000 cases of potential data exposure have been identified that involve merchant partners’ personal and business information. The …

Threat landscape for industrial automation systems in Q3 2025

In Q3 2025, the percentage of ICS computers on which malicious objects were blocked decreased from the previous quarter by 0.4 pp to 20.1%. This is the lowest level for the observed period. Regionally, the percentage of ICS computers on which …

Hackers stole over $2.7B in crypto in 2025, data shows

Cybercriminals stole $2.7 billion in crypto this year, a new record for crypto-stealing hacks, according to blockchain-monitoring firms. Once again, in 2025, there were dozens of crypto heists hitting several cryptocurrency exchanges and other web3 and decentralized finance (DeFi) projects. …

US insurance giant Aflac says hackers stole personal and health data of 22.6 million people

In June, U.S. insurance giant Aflac disclosed a data breach where hackers stole customers’ personal information, including Social Security numbers and health information, without saying how many victims were affected. On Tuesday, the company confirmed it has begun notifying around …

From cheats to exploits: Webrat spreading via GitHub

In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for popular games like Rust, Counter-Strike, and Roblox, or as cracked software. In September, the attackers decided …

Evasive Panda APT poisons DNS requests to deliver MgBot

The Evasive Panda APT group (also known as Bronze Highland, Daggerfly, and StormBamboo) has been active since 2012, targeting multiple industries with sophisticated, evolving tactics. Our latest research (June 2025) reveals that the attackers conducted highly targeted campaigns, which started in …