⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More
It’s easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest […]
Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches
ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a […]
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign
Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to […]
MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems
China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a “premeditated” cyber attack targeting the National Time Service […]
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to […]
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously […]
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan […]
Identity Security: Your First and Last Line of Defense
The danger isn’t that AI agents have bad days — it’s that they never do. They execute faithfully, even when what they’re […]
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute […]
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign
Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to […]
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of […]
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
A threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique […]