The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.

Storm malware automates session hijacking for entry-level hackers

Rookie cybercriminals now use subscription malware to hijack enterprise and cryptocurrency accounts ...
The Hacker News

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.
The Hacker News

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.
Bleeping Computer

ConnectWise patches new flaw allowing ScreenConnect hijacking

ConnectWise is warning ScreenConnect customers of a cryptographic signature verification vulnerability that could lead to unauthorized access and privilege escalation. The flaw affects ScreenConnect ...
IEEE

Preventing Unattended Session Misuse in SSO Using Continuous Monitoring

Abstract: Ensuring safe and easy authentication has considered to be a crucial issue in cybers security due to the quick growth of cloud services and internet platforms. While existing solutions like ...