Security researchers at Volexity have identified Russian threat actors exploiting Microsoft 365’s Device Code Authentication for sophisticated spear-phishing attacks.
Read MoreFinStealer is a sophisticated malware campaign targeting customers of a major Indian bank through fake mobile applications.
Read MoreA large-scale brute force attack campaign using 2.8 million IP addresses is actively targeting edge security devices, including VPNs, firewalls, and gateways from vendors like Palo Alto Networks, Ivanti, and SonicWall.
Read MoreCybersecurity researchers have uncovered a global malware campaign exploiting tax season to target financial institutions and individuals through phishing emails impersonating tax agencies like HMRC, Intuit, and myGov.
Read MoreHellcat is a newly identified ransomware group using a Ransomware-as-a-Service (RaaS) model to target government, education, and energy sectors.
Read MoreThe "FlowerStorm" phishing framework has emerged as a sophisticated Phishing-as-a-Service (PhaaS) platform targeting multiple brands to steal login credentials.
Read MoreThe New York State Department of Financial Services (NYDFS) fined PayPal $2 million for failing to meet its cybersecurity standards, following a data breach in December 2022.
Read MoreResearchers have uncovered new variants of the "Banshee macOS Stealer", which initially bypassed antivirus detection due to its use of a unique string encryption technique mimicking Apple’s XProtect antivirus engine.
Read MoreA sophisticated credit card skimmer malware has been discovered targeting WordPress checkout pages by silently injecting malicious JavaScript into the WordPress database's wp_options table.
Read MoreA research team has introduced ART4SQLi, a new adaptive random testing method designed to improve SQL injection (SQLi) vulnerability detection efficiency in penetration testing.
Read MoreNikki-Universal Co. Ltd., a leading chemical manufacturer, suffered a ransomware attack on December 22, 2024, resulting in the encryption of its data and the exfiltration of 761.8 GB of sensitive files.
Read MoreA new cyberattack technique called “DoubleClickjacking” has been discovered, posing significant risks to internet security by bypassing traditional clickjacking protections.
Read More
