credential
-
AI-Powered Cyberattack on Mexican Government Exposes Hundreds of Millions of Records
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack…
Read More » -
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
Hackers are impersonating popular secure messaging apps to deploy a sophisticated Android spyware tool called ProSpy against journalists, activists, and…
Read More » -
New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on…
Read More » -
Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks
Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) like domain…
Read More » -
Cybercriminals Use Fake Zoom, Teams Calls to Deliver Malware
Hackers are increasinglyusing fake Zoom and Microsoft Teams meetings to trick victims into infecting their own systems with malware. SEAL…
Read More » -
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential‑theft operation that has already compromised…
Read More » -
Tor-Backed ClickFix Campaign Drops Node.js RAT on Windows
Criminals are leveraging the “ClickFix” scheme, a deceptive tactic that dupes users into engaging with counterfeit CAPTCHA or verification screens.…
Read More » -
Iran-Linked Hackers Hit M365 Tenants in Middle East Password Spray Campaign
Iran-linked threat actors have launched a coordinated password-spraying campaign targeting Microsoft 365 environments across the Middle East, according to new…
Read More » -
Microsoft Warns Storm-1175 Exploiting Web-Facing Flaws to Deploy Medusa Ransomware
Microsoft is warning that a fast‑moving threat actor it tracks as Storm-1175 is aggressively exploiting vulnerabilities in internet‑exposed systems to…
Read More » -
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns
North Korea’s cyber operations have evolved from a monolithic structure to a modular, portfolio-style ecosystem. This design ensures resilience, making…
Read More » -
Top 10 Best Identity And Access Management (IAM) Companies 2026
In the rapidly evolving digital landscape of 2026, Identity and Access Management (IAM) has transcended its traditional role to become…
Read More » -
Top 10 Best Privileged Access Management (PAM) Solutions
In the dynamic and increasingly complex cybersecurity landscape of 2026, privileged accounts remain the most coveted targets for cybercriminals and…
Read More » -
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity…
Read More » -
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration
Hackers are escalating from basic social engineering to comprehensive data theft operations, with the newly identified Venom Stealer malware exemplifying…
Read More » -
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea–nexus threat actor hijacked the popular Axios NPM package in a high‑impact software supply chain attack, deploying a…
Read More »