News

Beyond the kill chain: What cybercriminals do with their money (Part 3)

Bys s May 15, 2025

In the third of our five-part series, Sophos X-Ops explores the more legally and ethically dubious business interests of financially motivated threat actors

News

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign
Bys s October 24, 2025

A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), a state-sponsored hacking group known to be active since at least 2013….

Read More APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign
News

Semgrep Raises $100M for AI-Powered Code Security Platform
Bys s February 6, 2025

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek.

Read More Semgrep Raises $100M for AI-Powered Code Security Platform
News

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Bys s December 16, 2025

Amazon’s threat intelligence team has disclosed details of a “years-long” Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in North America and Europe, and entities with cloud-hosted network infrastructure. The activity has

Read More Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
News

Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks
Bys s February 11, 2025

Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025. NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim’s host, allowing them to monitor the device’s screen in real-time, control the keyboard and mouse,…

Read More Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks
News

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Bys s August 29, 2025

Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025. The Australian company said it fixed a…

Read More Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
News

When a deal is not a done deal: Nova demands higher payment from Clinical Diagnostics
Bys s August 19, 2025

Last week, it appeared that Clinical Diagnostics (“Eurofins”) had paid a gang’s demands not to leak patient data that Nova had exfiltrated during a ransomware attack in July. Clinical Diagnostics in the Netheralands held patient data on 485,000 Dutch women in a cervical cancer screening program. Nova confirmed the payment to a Dutch news outlet…….

Read More When a deal is not a done deal: Nova demands higher payment from Clinical Diagnostics

Similar Posts