Please turn JavaScript on
Security Risk Advisors icon

Security Risk Advisors

follow.it gives you an easy way to subscribe to Security Risk Advisors's news feed! Click on Follow below and we deliver the updates you want via email, phone or you can read them here on the website on your own news page.

You can also unsubscribe anytime painlessly. You can even combine feeds from Security Risk Advisors with other site's feeds!

Title: A Leader in Cybersecurity Services - Security Risk Advisors

Is this your feed? Claim it!

Publisher:  Unclaimed!
Message frequency:  2.12 / day

Message History

Group-IB disclosed a significantly enhanced version of the RedHook Android remote access trojan (RAT), introducing advanced privilege abuse, persistence, and command-and-control capabilities. Previously documented in 2025, the latest variant expands its targeting beyond Vietnam into Indonesia and continues to spread through fake government a...


Read full story

OX Security researchers identified a malicious npm package named polymarket-kit that impersonates the popular prediction market platform Polymarket while delivering a multi-stage malware campaign targeting cryptocurrency users and cloud environments. Once installed, the package downloads an obfuscated second-stage payload from atta...


Read full story

Researchers from the University of Missouri-Kansas City’s ASSET Research Group disclosed Ghostcommit, a proof-of-concept software supply chain attack that abuses AI-assisted development workflows by embedding prompt injection instructions inside PNG images. Rather than targeting developers directly, the attack exploits the growing use of AI ...


Read full story

Palo Alto Networks Unit 42 disclosed a financially motivated malware campaign delivering Vidar stealer and the XMRig cryptocurrency miner to consumer and small and medium sized business victims worldwide. The campaign primarily targets users in the United States and European Union and is assessed to be operated by a Vidar stealer malware as ...


Read full story

ReliaQuest disclosed a previously unreported data extortion group tracked as “Helix,” running a multi-target campaign built on vishing, device code phishing, and automated SharePoint exfiltration. ReliaQuest assesses Helix likely emerged from the same ecosystem as the now-defunct “BlackFile” group and shares infrastructure and tradecraft ove...


Read full story