A newly uncovered malware campaign has demonstrated how threat actors are abusing Discord’s vanity invite system to silently redirect users to malicious servers, ultimately delivering AsyncRAT and a customized Skuld information stealer. At the core of the campaign is a flaw in Discord’s invite mechanism that allows attackers to reuse expired or deleted invite codes […]
A large-scale web compromise campaign has been uncovered, involving the injection of heavily obfuscated JavaScript code into legitimate websites, redirecting unsuspecting visitors to malicious destinations. Security telemetry between March 26 and April 25, 2025, shows that over 269,000 infected web pages were detected, with a major spike on April 12, when more than 50,000 cases
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning over active exploitation of SimpleHelp Remote Monitoring and Management (RMM) vulnerabilities, which have been leveraged by ransomware groups to breach downstream customers of an unnamed utility billing software provider. According to the advisory, threat actors are exploiting unpatched SimpleHelp versions (5.5.7 and earlier)
Apple has disclosed a critical zero-click vulnerability in its Messages app that was actively exploited in the wild to deploy spyware against high-profile individuals, including investigative journalists. The flaw, tracked as CVE-2025-43200, was addressed in a security update released on February 10, 2025, affecting multiple platforms including iOS, iPadOS, macOS, watchOS, and visionOS. The issue
A sprawling web of malicious advertising infrastructure tied to the threat actor group behind VexTrio Viper Traffic Distribution Service (TDS) has been linked to at least two additional traffic distribution operations—Help TDS and Disposable TDS—according to recent threat intelligence research. These interconnected services form a sophisticated affiliate-driven ecosystem designed to redirect unsuspecting users to malware,
