A newly identified ransomware operation called **Spirals** has completed a full corporate network compromise — initial access, lateral movement, data exfiltration, and full encryption — [in under 24 h
Cybersecurity researchers have published details of a sustained, multi-group espionage campaign that ran from **February 2024 through April 2026** — over two years — against Pakistani law enforcement
Microsoft has disclosed a newly discovered malware family dubbed **Crypto Clipper** — a self-propagating backdoor that spreads via USB drives, silently intercepts cryptocurrency transactions, and rout
The FBI, working with Google and Lumen Technologies' Black Lotus Labs, has seized and dismantled **Outsider Enterprise**, a Chinese-operated phishing-as-a-service (PhaaS) platform that ran [over one m
A threat actor tracked as **PCPJack** has quietly compromised at least 230 cloud servers across Amazon Web Services, Google Cloud Platform, and Microsoft Azure, repurposing them as a covert SMTP email
A Chinese-speaking threat actor has expanded operations into Europe, deploying a previously undocumented remote access trojan called Atlas alongside an additional backdoor component, according to [Ble
Dutch authorities have [taken offline a massive botnet comprising 17 million infected devices](https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infecte
Between March and April 2026, the North Korean state-sponsored group Kimsuky (also tracked as Velvet Chollima) [ran a targeted campaign](https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expan
A previously unknown threat actor, tracked as **JINX-0164**, is running an active campaign against cryptocurrency organizations — using fake recruitment outreach to deliver custom macOS malware with t