fake
-
Hackers Exploit CloudFlare Anti-Security to Steal Microsoft 365 Login Credentials
A recent Microsoft 365 credential harvesting campaign shows attackers exploiting CloudFlare’s protective features to shield malicious phishing sites from security…
Read More » -
Fake CleanMyMac Site Spreads SHub Stealer, Targets Crypto Wallets
Hackers are leveraging a counterfeit CleanMyMac download site to deploy SHub Stealer on macOS users, a potent infostealer that compromises…
Read More » -
Malicious Browser Add‑on Targets imToken Users’ Private Keys
Socket’s Threat Research Team has uncovered a highly deceptive Google Chrome extension designed to steal private keys and seed phrases…
Read More » -
Threat Actors Exploit Fake Claude Code Downloads to Deploy Infostealer Malware
Threat actors are abusing interest in Anthropic’s Claude Code tools by setting up fake download pages that ultimately drop a…
Read More » -
Kaspersky: No Proof Coruna iPhone Hack Tools Are NSA-Made
Russian cybersecurity outfit Kaspersky is waving away claims that an iPhone exploit kit recently uncovered by Google was developed by…
Read More » -
Perplexity’s Comet Browser Breached Through Calendar Invite Attack
Security researchers at Zenity Labs disclosed a critical flaw in Perplexity’s Comet “agentic” browser that allowed attackers to steal local…
Read More » -
New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security
A new phishing framework called Starkiller is raising the bar for “phishing-as-a-service” by serving victims the real login pages of major brands through attacker…
Read More » -
AuraStealer Infostealer Targeting Users with 48 C2 Domains in Ongoing Campaigns
Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command‑and‑control (C2)…
Read More » -
Hackers Weaponize 7-Zip Downloads to Turn Home PCs Into Proxy Nodes
A fake website impersonating the popular 7-Zip file archiver has been distributing malicious software that secretly converts infected computers into…
Read More » -
Bangladeshi Operator of Fake ID Marketplaces Charged in International Fraud Case
A 29-year-old Bangladeshi man, Zahid Hasan of Dhaka, Bangladesh, has been indicted on federal charges for operating online marketplaces that…
Read More » -
SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data
Cybersecurity researchers at Rapid7 Labs have discovered a new and sophisticated threat: SantaStealer, a malware-as-a-service information stealer that is being…
Read More » -
PCPcat Malware Leverages React2Shell Vulnerability to Breach 59,000+ Servers
A sophisticated attack campaign attributed to a group identifying as “PCP” has compromised 59,128 servers in less than 48 hours…
Read More » -
Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack
A sophisticated AI-generated supply chain attack is targeting researchers, developers, and security professionals through compromised GitHub repositories, according to findings…
Read More » -
New JSCEAL Infostealer Malware Targets Windows Systems to Steal Login Credentials
A sophisticated information-stealing tool known as JSCEAL has undergone significant developments in recent months, incorporating advanced anti-analysis techniques and a…
Read More » -
New DroidLock Malware Locks Android Devices and Demands Ransom Payment
A new and sophisticated threat campaign has been identified by the zLabs research team, targeting Spanish Android users with a…
Read More »