Fileless malware is a bit of a misnomer. While traditional malware contains the bulk of its malicious code within an executable file saved to the victim’s storage drive, fileless malware’s malicious actions reside solely in memory.

In a recent report, Octoverse revealed that almost a fifth (around 17%) of all software bugs in GitHub were intentionally placed as backdoors by cybercriminals.

During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens.

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft purposes.

Russian hackers staged their attacks from servers inside the U.S. — sometimes using computers in the same town or city as the victims, cybersecurity company FireEye revealed to the New York Times.

Financial institutions in the U.S. and Canada are under threat from a new credential stealer that targets various browsers such as Chrome, Opera, and Microsoft Edge.

Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. Threat actors are using Facebook ads to redirect users to Github accounts hosting phishing pages used to steal victims’ login credentials.

Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices.

Security experts from threat intelligence firm Cyble have found several documents relating to the Covid-19 vaccine allegedly stolen from the European Medicines Agency (EMA) leaked in the Darkweb.

From SolarWinds hack to vaccine-related attacks, the final weeks of a challenging year have proven even more difficult with the exposure of the latest serious nation-state cyberattack.