News & Updates

Securing Agentic AI: How to Protect the Invisible Identity Access

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere, often with a high-privilege API key, OAuth token, or service account that defenders can’t easily see. These “invisible” non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have
News & Updates

AsyncRAT’s Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe

Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants.
“AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants,” ESET
Threats

Interlock Ransomware Detection: Adversaries Deploy a Novel PHP-Based RAT Variant via FileFix

Interlock Ransomware New Variant Detection

Threat actors operating the Interlock ransomware, known for executing high-impact double-extortion attacks across various global industries, have re-emerged in the cyber threat landscape. Attackers have recently deployed a new PHP-based version of their custom RAT in a large-scale campaign, leveraging a modified ClickFix variant known as FileFix to target organizations across multiple sectors. Detect Interlock […]

The post Interlock Ransomware Detection: Adversaries Deploy a Novel PHP-Based RAT Variant via FileFix appeared first on SOC Prime.

News & Updates

State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments

Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon.
The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where “CL” stands for “cluster” and “STA” refers to “state-backed motivation.”
“The threat actors behind this
News & Updates

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

North Korea-linked hackers uploaded 67 malicious npm packages with XORIndex malware, hitting 17K+ downloads in ongoing supply chain attacks. North Korea-linked threat actors behind the Contagious Interview campaign have uploaded 67 malicious npm packages with XORIndex malware loader, hitting over 17,000 downloads in ongoing supply chain attacks. XORIndex was built to evade detection and deploy […]
News & Updates

Outwit the Swindlers: How to Spot Sophisticated Scams Online

Gone are the days when phishing emails were riddled with typos and suspicious links. Today’s online scams are polished, persuasive, and powered by some of the same technologies that keep the digital world ticking.

AI-generated voices, fake websites that mirror real ones down to the pixel, and convincing messages that mimic people you know — these aren’t plots from a cyber-thriller. They’re real and stalking their prey every day.

The good news? You don’t need to be a cybersecurity expert to sta
