%term

The New Guy (a.k.a. Agentic AI)

Aug 13, 2025 By Rubrik In Rubrik

AI agents have already caused unintended record updates, broken workflows, and pushed flawed logic into production systems. These misfires often go unnoticed until forecasts stall, pipelines break, or sensitive data is affected. These aren’t hallucinations. They’re executed actions with real consequences. At Rubrik, we’ve spent years helping enterprises recover from ransomware, insider threats, and operational errors. The pattern is always the same: Damage happens fast. The root cause is murky. And visibility is fragmented.

View Video

Rubrik

Read more about The New Guy (a.k.a. Agentic AI)

CTI Roundup: ClickFix, New Attacker Insights, PXA Stealer

Aug 13, 2025 By Tanium In Tanium

ClickFix campaign exploits CAPTCHAs, attack activity spikes ahead of CVE disclosures, and Vietnamese-speaking threat group deploys PXA Stealer.

Read Post

Tanium

Read more about CTI Roundup: ClickFix, New Attacker Insights, PXA Stealer

Pixels, Polygons, and Payloads:Malware delivery in 3D software pipelines

Aug 12, 2025 By Oliver Simonnet In CultureAI

This research explores an unconventional malware delivery vector, demonstrating how trusted creative software tools can be repurposed to deliver payloads in ways that bypass common defences, user expectations, and AI-based analysis. The work concludes with the creation of a successful Proof-of-Concept (PoC) for code execution and AV/EDR evasion using the open-source 3D software suite Blender.

Read Post

CultureAI

Read more about Pixels, Polygons, and Payloads:Malware delivery in 3D software pipelines

How To Detect and Remove a Keylogger

Aug 12, 2025 By Keeper Security In Keeper

A keylogger is sneaky malware that records everything you type — passwords, emails and even payment details — without your consent. In this video, we’ll break down the warning signs of a keylogger, show you how to detect one on your device and, most importantly, how to remove it.

View Video

Keeper

Read more about How To Detect and Remove a Keylogger

How Does Spyware Get on Your Phone?

Aug 11, 2025 By Keeper Security In Keeper

Is your phone acting strange? Lagging, overheating or randomly turning on the camera? You might have spyware! In this video, we break down the warning signs, how spyware gets on your phone and what you can do to protect your personal information.

View Video

Keeper

Read more about How Does Spyware Get on Your Phone?

Detecting Suspicious ESXi Activity Before Ransomware Happens

Aug 11, 2025 By Raven Tait In Splunk

Cybersecurity teams worldwide have been fighting against ransomware attacks on ESXi infrastructure for years. ESXi is a lightweight, bare-metal hypervisor developed by VMware that allows multiple virtual machines to run on a single physical server. ESXi is widely used in enterprise environments, often hosting virtual machines that support essential services for an entire organization.

Read Post

Splunk

Read more about Detecting Suspicious ESXi Activity Before Ransomware Happens

Picture Paints a Thousand Codes: Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

Aug 11, 2025 By Teoderick Contreras In Splunk

Steganography is the art of hiding information inside a seemingly ordinary, legitimate object so that no one suspects anything is hidden. The technique T1027.003 has been around for a long time and is increasingly used by malware authors and threat actors to avoid detection. This involves hiding malicious payloads inside innocent-looking files such as images, audio, or documents. By embedding malware in these files, attackers can bypass traditional security tools that scan for obvious threats.

Read Post

Splunk

Read more about Picture Paints a Thousand Codes: Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

Ransomware Evolution: The Changing Landscape of Cyber Extortion

Aug 8, 2025 By Arctic Wolf In Arctic Wolf

Cybercriminals are shifting tactics. Rather than relying solely on ransomware’s tried-and-true method of using encryption to lock files and demand payment to decrypt, many are now instead embracing exfiltration and extortion, with encryption as a secondary tactic. This marks a significant evolution in ransom-based attack methods, one where encryption is optional, but leverage is mandatory.

Read Post

Arctic Wolf

Read more about Ransomware Evolution: The Changing Landscape of Cyber Extortion

Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

Aug 8, 2025 By Splunk In Splunk

The Splunk Threat Research Team created a simple script tool to automatically extract the hidden stub modules from the resource entry images. This video demo shows how this tool can extract hidden payload on those images on non-corrupted.NET Loaders.

View Video

Splunk

Read more about Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

'Plague' malware exploits Pluggable Authentication Module to breach Linux systems

Aug 7, 2025 By Malware Research Team In CyberArk

‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional antivirus solutions for over a year. Its primary mechanism involves operating as a malicious PAM, allowing attackers to silently bypass system authentication and establish persistent SSH access to compromised Linux systems.

Read Post