phishing
-
Cracked Apps Delivering Infostealers Identified as Leading Attack Vector in June 2025
The AhnLab Security Intelligence Center (ASEC) published a thorough analysis in June 2025 that identified infostealer malware masquerading as keygens…
Read More » -
Qilin Leads in Exploiting Unpatched Fortinet Vulnerabilities
The Qilin group has surged to prominence by aggressively exploiting critical vulnerabilities in Fortinet devices, underscoring a broader trend of…
Read More » -
Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware
Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles…
Read More » -
Scattered Spider Enhances Tactics to Exploit Legitimate Tools for Evasion and Persistence
Scattered Spider, also tracked under aliases such as UNC3944, Scatter Swine, and Muddled Libra, has emerged as a formidable financially…
Read More » -
SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are
Every security practitioner knows that employees are the weakest link in an organization, butthis is no longer the case. SquareX’s…
Read More » -
Chinese Student Charged in Mass Smishing Campaign to Steal Victims’ Personal Information
Ruichen Xiong, a student from China, has been sentenced to over a year in prison at Inner London Crown Court…
Read More » -
Hackers Deliver Remcos Malware Via .pif Files and UAC Bypass in Windows
A sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack…
Read More » -
Threat Actors Transform GIFTEDCROOK Stealer into an Intelligence-Gathering Tool
The Arctic Wolf Labs team has uncovered a dramatic transformation in the capabilities of the GIFTEDCROOK infostealer, wielded by the…
Read More » -
ESET Warns Cybercriminals Are Targeting NFC Data for Contactless Payments
ESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but…
Read More » -
Iranian APT35 Hackers Targeting High-Profile Cybersecurity Experts and Professors in Israel
The Iranian threat group Educated Manticore, also tracked as APT35, APT42, Charming Kitten, or Mint Sandstorm, has intensified its cyber-espionage…
Read More » -
CISA Issues Alert on ControlID iDSecure Flaws Enabling Bypass Authentication
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding critical vulnerabilities in ControlID’s iDSecure On-premises software,…
Read More » -
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users…
Read More » -
DuckDuckGo Browser’s Scam Blocker to Guard Against phishing and Malware Sites
DuckDuckGo has rolled out an advanced update to its browser’s built-in Scam Blocker, a robust security feature designed to shield…
Read More » -
Open Next SSRF Flaw in Cloudflare Lets Hackers Fetch Data from Any Host
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the @opennextjs/cloudflare package, posing a significant security threat to…
Read More »