The fear surrounding the Pegasus spyware tool is being used to lure victims to a fake Amnesty International site that installs the Sarwent RAT.
Some cybercrime groups are using trojaned proxyware installers to gain a foothold on victim machines and install malware and cryptominers.
TA505, a well-known cybercrime group, is using signed MSI files and other techniques to install the ServHelper RAT on victims' systems.
During an investigation into suspected Iranian threat group ITG18, researchers found various security errors made by the attackers that gave them an inside look into their TTPs.
Researchers uncovered a flaw in macOS that could allow attackers to access permissions, like screen recording, on victim devices - without their approval.