FortiGuard Labs (@fortiguardlabs)'s Twitter Profile
FortiGuard Labs

@fortiguardlabs

#FortiGuardLabs is the global threat intelligence and research organization of @Fortinet.

ID: 308483423

Link: https://www.fortiguard.com/
Date: 31-05-2011 13:56:59

3,3K Tweet

41,41K Followers

706 Following

FortiGuard Labs (@fortiguardlabs)

📩 🎣 A phishing campaign is spreading globally—and fast. Our researchers warn the attack has doubled in just two weeks, with emails spoofing logos and domains to deliver malware like PureHVNC, DCRat, and Babylon RAT. Unlike typical #phishing, this campaign gives attackers

📧 🎣 A new phishing campaign is on the rise—doubling detections in just 2 weeks. Our researchers found attackers using fake voicemails and purchase orders to deploy UpCrypter malware, impacting industries worldwide. 👉 Get the full analysis: ftnt.net/6013AzjRh

📩 🌎 A global phishing campaign is evolving fast. Our researchers warn attackers are using personalized emails and spoofed websites to deliver UpCrypter—a custom loader that installs RATs like PureHVNC, DCRat, and Babylon RAT. 🚨 This enables long-term persistence and full

🚨 📡 Our team uncovered a #phishing campaign delivering MostereRAT, a remote access trojan built to evade defenses. Using staged payloads, encrypted C2, and even legitimate remote access tools, attackers gain full control while staying under the radar. 💭 The takeaway?

🖱️ 🔍 Think twice before you click. Our researchers uncovered an SEO poisoning campaign where attackers hijacked search rankings to push lookalike domains posing as trusted software sites. 💭 The result? Victims unknowingly downloaded #malware like Hiddengh0st and Winos

🎣 ✉️ Not all #phishing lures look like emails you’ve seen before. Our researchers uncovered a campaign impersonating Ukrainian government agencies using malicious SVG files to trick victims—delivering fileless #malware like Amatera Stealer and PureMiner for data theft. A

Even “legit” downloads can be compromised. 📲 🚨 Recently our researchers uncovered campaigns using SEO poisoning to spread fake versions of popular apps like Chrome, Signal, and WhatsApp. The installers deliver both the real app and #malware such as Gh0st RAT variants—making

Decade-long espionage, sharper tactics. 🥷 ‼️ The Confucius group has evolved from document stealers to Python-based backdoors—layering obfuscation, weaponized files, and advanced #malware to target government, defense, and critical industries across South Asia. 🛡️ Full

Hackers are weaponizing Google searches. 🔍 Our researchers uncovered a malware campaign using SEO poisoning to push fake app downloads from lookalike sites. These malicious apps secretly drop #malware that can steal data, spy on messages and disable antivirus. Even top search

Chaos ransomware is evolving—becoming faster, smarter, and more destructive. 📩 🚨 Our #FortiGuardLabs team recently uncovered Chaos-C++, a new variant that marks the first time the ransomware was written in C++. This version blends: ⚙️ Destructive encryption 💰 Clipboard

New Stealit campaign → detected! 🔍 Our #FortiGuardLabs team has identified an active #StealitRAT campaign leveraging Node.js’ Single Executable Application (SEA) feature to evade detection and expand its reach. Learn how this campaign is evolving and defense tactics:

🌏 What began as isolated WinOS 4.0 attacks in Taiwan quickly evolved into a larger #malware campaign spanning China, Japan, and Malaysia. Through shared code reuse, overlapping infrastructure, and behavioral patterns—our #FortiGuardLabs team has traced these attacks and

A new, more aggressive Chaos #ransomware variant has emerged. ✉️ 🚨 Our team recently discovered a C++ rewrite of Chaos ransomware—marking its shift toward faster, more destructive, and financially driven tactics. 📑 Full Article: Dark Reading 🔗 ftnt.net/6010ACdjK

Recently our team uncovered a new Stealit infostealer #malware campaign spreading through fake #VPN and game installers—now packaged as Node.js single-executable apps and heavily obfuscated to evade detection. Browsers. Game launchers. Messaging apps. Crypto wallets—all in the

Most attacks aren’t advanced—they’re preventable. Our 2024 Incident Response Insights Report found that: 💰 72% of intrusions were financially motivated ✉️ Ransomware and extortion drove most incidents ⚙️ Many breaches stemmed from unpatched systems Read the full report for

🚨 New #FortiGuardLabs Outbreak Alert: Active exploitation of a critical #GoAnywhere MFT vulnerability allowing remote code execution. 🔗 Get full details and protection guidance: ftnt.net/60107Ky62

Attackers aren’t always breaking in—they’re logging in. 🖱️ New insights from our #FortiGuard IR team highlight a critical reality: many breaches start with a simple login using compromised credentials, not complex malware. 🔎 Read the full findings: ftnt.net/60117Mvml

🚨 Back in July, our team detected and blocked widespread exploitation of an MS SharePoint zero-day chain (CVE-2025-49706, CVE-2025-49704, CVE-2025-53770, & CVE-2025-53771) targeting multiple sectors. 🔗 Get full details and mitigation guidance: ftnt.net/60117TKJR

Stolen credentials. 🪪 Abused cloud services. ☁️ Large-scale automation. ⚙️ The #TruffleNet campaign shows how attackers are exploiting AWS SES and tools like TruffleHog to power Business Email Compromise (BEC) at cloud scale. Our research details how identity-driven threats

Fortinet (@fortinet)

Cybercrime is a global problem—and fighting it requires global collaboration. 🌎 #Fortinet and Crime Stoppers International have launched the Cybercrime Bounty program, a first-of-its-kind initiative that will demonstrate how collaboration can advance collective action against