Apr 05, 2025 | Ravie Lakshmanan | Malware / Supply Chain Attack
The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the...
The Sophos Active Adversary Report celebrates its fifth anniversary this year. The report grew out of a simple question: What happens after attackers breach...
In early March, we published a study detailing several malicious campaigns that exploited the popular DeepSeek LLM as a lure. Subsequent telemetry analysis indicated...
Last week, I noticed a surge in scans for the username "t128". This username, accompanied by the password "128tRoutes," is a well-known default account...
A new security issue is putting WordPress-powered websites at risk. Hackers are abusing the “Must-Use” plugins (MU-plugins) feature to hide malicious code and maintain...
Evilginx, a tool based on the legitimate (and widely used) open-source nginx web server, can be used to steal usernames, passwords, and session tokens,...
Mar 27, 2025 | Ravie Lakshmanan | Mobile Security / Malware
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a...
For more than five years, Sophos has been investigating multiple China-based groups targeting Sophos firewalls, with botnets, novel exploits, and bespoke malware. With assistance from...
As more and more financial transactions are conducted in digital form each year, financial threats comprise a large piece of the global cyberthreat landscape....