Attackers are increasingly leveraging AI to compromise critical business assets, signaling a dangerous evolution in the threat landscape. Check Point Research’s AI Security Report 2025 highlights how threat actors are using AI for deepfake impersonation, automated malware creation, jailbroken LLMs, and generative disinformation campaigns. Following the campaigns involving AI lures to disseminate CyberLock, Lucky_Gh0$t, and […]
As GenAI continues to shape modern cybersecurity with its powerful advantages for strengthening defense mechanisms, it simultaneously introduces new risks as threat actors increasingly exploit the technology for malicious activities. Adversaries have been recently observed using fake AI installers as lures to spread diverse threats, including the CyberLock and Lucky_Gh0$t ransomware strains and a newly […]
The constantly changing cyber threat landscape is seeing the emergence of new malware variants driven by the widespread adoption of AI and its exploitation for offensive purposes. Defenders have recently observed adversaries weaponizing fake AI-powered tools to lure users into downloading a new information-stealing malware known as Noodlophile. The malware is often promoted through fake […]
Defenders have observed CoffeeLoader, a new stealthy malware that evades security protection using advanced evasion techniques and takes advantage of Red Team methods to boost its effectiveness. Distributed via SmokeLoader, CoffeeLoader implements secondary payloads while evading detection, making its stealthy attacks challenging to detect and defend against. Detect CoffeeLoader With more than 1 billion malware […]
According to ESET APT Activity Report Q2 2024-Q3 2024, China-linked threat groups dominate global APT campaigns, with MustangPanda responsible for 12% of activity during the observed quarters of 2024. Another nefarious China-backed APT group tracked as MirrorFace (aka Earth Kasha) has been observed expanding its geographical reach to target the diplomatic agency in the EU […]
Lumma Stealer, nefarious info-stealing malware, resurfaces in the cyber threat arena. Defenders recently uncovered an advanced adversary campaign distributing Lumma Stealer through GitHub infrastructure along with other malware variants, including SectopRAT, Vidar, and Cobeacon. Detect Lumma Stealer, SectopRAT, Vidar, Cobeacon Deployed via GitHub Lumma Stealer is a notorious data-stealing malware that extracts credentials, cryptocurrency wallets, […]
Financially motivated hackers are behind an ongoing malicious campaign targeting Poland and Germany. These phishing attacks aim to deploy multiple payloads, including Agent Tesla, Snake Keylogger, and a novel backdoor dubbed TorNet, which is delivered via PureCrypter malware. Detect TorNet Backdoor A significant rise in phishing campaigns, with a 202% increase in phishing messages over […]
New year, new menaces for cyber defenders. Cybersecurity researchers have uncovered a novel variant of the notorious Banshee Stealer, which is increasingly targeting Apple users worldwide. This stealthy infostealer malware employs advanced evasion techniques, successfully slipping past detection by leveraging string encryption from Apple’s XProtect antivirus engine. Going exclusively after macOS users, Banshee is capable […]
Hot on the heels of the re-emergence of a more advanced NonEuclid RAT variant in the cyber threat arena, a novel malware iteration known as the Eagerbee backdoor poses an increasing threat to organizations in the Middle East, primarily targeting Internet Service Providers (ISPs) and state agencies. The enhanced EAGERBEE backdoor variant can deploy payloads, […]
The modern-day cyber threat landscape is marked by the rise in malware variants that give attackers the green light to gain complete remote control over targeted systems, such as a nefarious Remcos RAT spread via a phishing attack vector. At the turn of January 2025, defenders unveiled an emerging stealthy malware dubbed NonEuclid RAT, which […]