Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence…
Nov 17, 2025Ravie Lakshmanan Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT. The activity, observed this month, is being tracked by eSentire under the moniker EVALUSION. First spotted in June 2025, Amatera is assessed to be an evolution of ACR (short for “AcridRain”)…
In a massive departure from the series norm, the campaign in the newly released Call of Duty: Black Ops 7 is an online co-op experience from start to finish. Not only is the campaign always online, but as if it thought it was Elden Ring, you can’t pause it, and you’ll get booted for idling….
Baldur’s Gate 3 is an incredibly dense RPG, and I’m sure there are still players who have yet to see everything in Larian Studio’s Dungeons & Dragons adventure. However, for the sickos who have been combing through the game for two years and wish they had a reason to go back to it, a group…
Oct 22, 2025Ravie LakshmananMalware / Cyber Espionage The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities. The end goal of…
Oct 20, 2025Ravie LakshmananBrowser Security / Malware Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to supply chain security company Socket. The browser…
Sep 12, 2025Ravie Lakshmanan Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR). The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county that…
