CastleLoader is a malware family tracked across 11 threat clusters and 17 intelligence report mentions on ThreatCluster. First observed November 27, 2025; most recent activity May 19, 2026.
A new cyber threat identified by Huntress involves a fake background removal website that tricks users into executing malicious commands. Dubbed BackgroundFix, this site masquerades as a free image-editing service,…
Bitdefender researchers have identified that the Microsoft HTML Application Host (MSHTA) utility is being actively exploited by cybercriminals to deliver a variety of malware, including infostealers and loaders. Despite…
Following U.S. military strikes on Iran, there is an anticipated increase in cyber warfare activities targeting U.S. operational technology and critical infrastructure. Iran is expected to retaliate with cyber attacks…
CastleLoader, a sophisticated malware loader, has been identified as a significant threat to U.S. government agencies and critical infrastructure. This malware is designed to facilitate further attacks by loading…
Analysis of cybersecurity incidents in the UK retail and manufacturing sectors reveals that 1,381 breaches occurred between Q3 2024 and Q2 2025, with no significant concentration around major shopping events. Security…
LummaStealer infections have surged due to social engineering campaigns utilizing the ClickFix technique to distribute CastleLoader malware. This infostealer, operating as a malware-as-a-service platform, had previously…
GrayBravo, previously known as TAG-150, has expanded its CastleLoader malware deployment across four distinct threat activity clusters since March 2025. The malware targets industries such as logistics and hospitality,…
A new social engineering campaign named ClickFix is targeting Windows users by presenting fake CAPTCHA verification pages. Victims are led to compromised websites that display fraudulent Cloudflare security checks,…
CrowdStrike reports that artificial intelligence will significantly alter the cyber threat landscape by 2026, with an expected rise in prompt-injection attacks and AI-driven zero-day discoveries. Security teams will…
eSentire reported a significant rise in account compromises in 2025, with email-led intrusions linked to credential theft. The research, based on data from over 2,000 customers, indicated that account compromise…