Security News

Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection
2025-03-27 20:05

Microsoft’s .NET MAUI lets developers build cross-platform apps in C#, but its use of binary blob files poses new risks by bypassing Android’s DEX-based security checks.

Chinese FamousSparrow hackers deploy upgraded malware in attacks
2025-03-27 18:38

A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based trade organization. [...]

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
2025-03-27 12:31

An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign...

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
2025-03-26 13:53

The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and...

New Android malware uses Microsoft’s .NET MAUI to evade detection
2025-03-25 13:52

New Android malware campaigns use Microsoft's cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. [...]

⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
2025-03-24 11:35

A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the...

FBI warnings are true—fake file converters do push malware
2025-03-23 14:09

The FBI is warning that fake online document converters are being used to steal people's information and, in worst-case scenarios, lead to ransomware attacks. [...]

Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware
2025-03-23 09:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) Veeam...

Microsoft Trusted Signing service abused to code-sign malware
2025-03-22 14:30

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. [...]

Microsoft Trust Signing service abused to code-sign malware
2025-03-22 14:30

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. [...]