The Lazarus threat group is hiding its payloads in bitmap image (BMP) files, as seen in spear-phishing attacks targeting victims in South Korea.
The U.S. federal agency advisory on the active exploits of five flaws comes in tandem with the U.S. government formally attributing the SolarWinds supply-chain attack to Russian Foreign Intelligence Service (SVR) actors.
The Lazarus threat group utilized a modified JavaScript sniffer to steal cryptocurrency from unsuspecting e-commerce website consumers.
An 18-month malware campaign on a gambling company reveals how the Iron Tiger threat group has updated its toolkit.
The Phosphorus attack group, also known as Charming Kitten, recently targeted medical researchers in a new spear phishing campaign.