attacks
-
Hackers Impersonate Top Tax Firm with 40,000 Phishing Messages to Steal Credentials.
Proofpoint researchers have identified a marked increase in phishing campaigns and malicious domain registrations designed to exploit tax filing season.…
Read More » -
Researchers Exploited Windows Charset Conversion Feature to Execute Remote Code
Researchers have exposed a systemic vulnerability within the Windows operating system, leveraging its “Best-Fit” charset conversion feature to bypass security…
Read More » -
Beware of Fake Captcha Verifications Spreading Lumma Malware
In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA pages to deliver the Lumma Stealer…
Read More » -
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users.…
Read More » -
Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One
A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to masquerade as trusted ones during file…
Read More » -
Researchers Accessed Windows BitLocker Encrypted Files Disassembling the Laptop
Cybersecurity researchers have uncovered a major flaw in the Windows BitLocker encryption system, allowing attackers to access encrypted data without…
Read More » -
New Tool Unveiled to Scan Hacking Content on Telegram
A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking AI module designed to monitor and…
Read More » -
Hackers Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol
Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured on-premises applications can bypass Group Policy…
Read More » -
FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages
Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing campaigns are delivered via Telegram…
Read More »