Posts

ESET discovers how the North Korean group ScarCruft compromised the gaming platform sqgame to distribute the BirdCall backdoor on Windows and Android devices, in a supply-chain attack targeting ethnic Koreans in China.

The AccountDumpling operation abused Google AppSheet as a phishing relay to bypass email filters and compromise over 30,000 Facebook Business accounts in a campaign linked to Vietnamese threat actors.

A cybercriminal group that emerged in 2025 reveals its true operational scale. Researchers discovered more than 1,570 compromised corporate networks that never made headlines, with presence in over 50 countries and living-off-the-land tactics.

GPT-5.4-Cyber and Claude Mythos. The consolidation of frontier models in software analysis and vulnerability remediation.

When a `git push` is enough to compromise GitHub

Storm-1175 and Medusa Ransomware. Anatomy of a High-Velocity Attack