Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Sm
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads
Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team
Unit 42 identifies a recruitment phishing campaign targeting senior professionals via impersonation and fraudulent resume fees. The post Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team appeared first on Unit 42.
Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government
Unit 42 uncovers multiple clusters of cyberespionage targeting a Southeast Asian government organization with USBFect, RATs and loaders. The post Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government appeared first on Unit 42.
Understanding Current Threats to Kubernetes Environments
Unit 42 uncovers escalating Kubernetes attacks, detailing how threat actors exploit identities and critical vulnerabilities to compromise cloud environments. The post Understanding Current Threats to Kubernetes Environments appeared first on Unit 42.
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors
Introduction Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices. Based on toolmarks in recovered payloads, we believe the exploit chain to be called DarkSword. Since at
M-Trends 2026: Data, Insights, and Strategies From the Frontlines
Every year, the cyber threat landscape forces defenders to adapt to evolving adversary tactics, techniques, and procedures (TTPs). In 2025, Mandiant observed a clear divergence in adversary pacing that closely aligns with the trends we have been documenting for defenders over the
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they're working with actual cybercriminal groups.
The Data Gap: Why Nonprofit Cyber Incidents Go Underreported
Threat actors target nonprofits due to security gaps and highly coveted information, but a lack of sufficient data makes it difficult to grasp the entire picture.
Attackers Abuse LiveChat to Phish Credit Card, Personal Data
A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.
China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.
Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish
In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up his credentials.