Ongoing phishing campaign targets UN humanitarian organizations

The campaign uses several noteworthy techniques, including the ability to detect mobile devices and to log keystrokes.

New Gustuff malware campaign uses Instagram to infect users with Android banking trojan

Gustuff Android banking trojan returns with new features, moves to new distribution hosts.

Magecart Group 5 linked to Dridex banking Trojan, Carbanak cybercrime gang

Researchers identified registrant data that is connected to Magecart Group 5, Dridex phishing campaigns and the Carbanak group.

Chinese hackers target MSSQL Servers with a new backdoor

The Skip-2.0 backdoor allows the attacker to gain persistence in the victim's MSSQL while remaining undetected.

Hackers use fake UpdraftPlus plugins to backdoor WordPress websites

The malicious plugins hide themselves in the WordPress dashboard from anyone who doesn’t use browsers with specific User-Agent strings.