Fortinet Threat Research

FortiGuard Labs has recently discovered a series of malicious NPM packages designed to steal sensitive information from compromised systems. Learn more.      

FortiGuard Labs recently observed a new wave of credit card skimming attacks leveraging malicious browser extensions across Chrome, Edge, and Firefox. Learn more.      

FortiGuard Labs reveals critical insights into the nature of recent phishing trends. Learn more.      

FortiGuard Labs analyzes malicious software packages detected from November 2024 to the present and has identified various techniques used to exploit system vulnerabilities. Learn more.      

ForitGuard Lab reveals a modified Havoc deployed by a ClickFix phishing campaign. The threat actor hides each stage behind SharePoint and also uses it as a C2. Learn more.      

FortiGuard Labs uncovers an attack targeting companies in Taiwan with WinOS4.0 that spreads via official email impersonation. Learn more.      

Explore how FortiSandbox 5.0 detected this malware, the behavioral indicators it leveraged for identification, and Snake Keylogger’s technique to evade detection and analysis.      

Get insights into the Lynx ransomware, which is considered the successor to the INC ransomware. This double-extortion ransomware has threatened more than 90 organizations worldwide, including those in the healthcare and energy sectors. Learn more.      

FortiGuard Labs reverse engineers a malware’s binaries to look into what the malware is actually doing.      

FortiGuard Labs observes a threat actor using a LNK file to deploy Coyote attacks, unleashing malicious payloads and escalating the risk to financial cybersecurity.