search
-
EvilTokens Uses Stolen Microsoft 365 Tokens, AI to Supercharge BEC
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that turns stolen Microsoft 365 tokens and AI into an end‑to‑end factory for…
Read More » -
LinkedIn Hidden Code Secretly Scans Users’ Computers for Installed Software
A new investigation by Fairlinked e.V. claims that Microsoft-owned LinkedIn is running a massive, undisclosed corporate surveillance operation. According to…
Read More » -
Apple Adds ClickFix Attack Warnings in New macOS Tahoe Security Feature
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known…
Read More » -
New Study Reveals How Infostealer Infections Lead to Dark Web Exposure in Just 48 Hours
New research highlights how infostealer malware can rapidly convert a single careless click into full credential exposure on dark web…
Read More » -
Roundcube Releases Urgent Security Update to Fix Critical Bugs
Roundcube Webmail has issued an urgent security update addressing eight critical vulnerabilities discovered by independent security researchers. This release, version…
Read More » -
Critical QNAP QVR Pro Flaw Could Let Remote Attackers Access Systems
QNAP has released an urgent security advisory regarding a critical vulnerability affecting its QVR Pro application, a widely deployed network…
Read More » -
MioLab MacOS Stealer Expands With ClickFix, Wallet Theft, Team APIs
As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) demonstrate that Macs…
Read More » -
SEO Poisoning Campaign Uses Fake Popular Apps to Deliver AsyncRAT
An ongoing SEO poisoning campaign abuses search results to trick users into downloading trojanized installers for more than 25 popular…
Read More » -
Pyronut Package Backdoors Telegram Bots With RCE
Malicious ‘Pyronut’ is a trojanized Python package that backdoors Telegram bots and userbots, giving attackers remote code execution over both…
Read More » -
New Kubernetes NFS CSI Vulnerability Enables Unauthorized Directory Deletion and Changes
A newly disclosed security flaw in the Kubernetes Container Storage Interface (CSI) Driver for Network File System (NFS) exposes storage…
Read More » -
Hackers Exploit CloudFlare Anti-Security to Steal Microsoft 365 Login Credentials
A recent Microsoft 365 credential harvesting campaign shows attackers exploiting CloudFlare’s protective features to shield malicious phishing sites from security…
Read More »