theft

December 2, 2025

DevilsTongue Spyware Targets Windows Users Across Multiple Countries

Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing…
Read More »
November 29, 2025

Poland Arrests Suspected Russian Hacker Targeting Local Organizations’ Networks

Polish authorities have made a significant move in their cybercrime enforcement efforts by detaining a Russian national suspected of conducting…
Read More »
November 28, 2025

Microsoft Blocks External Scripts in Entra ID Logins to Boost Security

Microsoft has announced a significant security change to the Microsoft Entra ID sign-in experience that will block external scripts from…
Read More »
November 27, 2025

ByteToBreach Offers Stolen Global Airline, Banking, and Government Records

A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a…
Read More »
November 26, 2025

A Novel Exploit Leveraging URL Fragments To Deceive AI Browsers

Security researchers at Cato CTRL have uncovered HashJack. This innovative indirect prompt-injection attack hides harmful commands in the fragment portion…
Read More »
November 23, 2025

Tycoon2FA Launches Nearly 1 Million Attacks Targeting Office 365 Accounts

Tycoon2FA, a sophisticated phishing-as-a-service platform tracked by Microsoft as Storm-1747, has emerged as the dominant threat targeting Office 365 accounts…
Read More »
November 14, 2025

Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques

Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion…
Read More »
November 9, 2025

Weaponized Videos Trigger Self-Infection Tactics

ClickFix attacks have surged dramatically over the past year, cementing their position as pivotal tools in the modern attacker’s arsenal.…
Read More »
November 7, 2025

Over 15 Malicious npm Packages Exploiting Windows to Deploy Vidar Malware

Datadog Security Research has uncovered a sophisticated supply chain attack targeting the npm ecosystem, involving 17 malicious packages across 23…
Read More »
November 4, 2025

Tactics Targeting M365 and Gmail

The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform,…
Read More »
November 3, 2025

New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats

Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness…
Read More »
November 2, 2025

CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks

The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog,…
Read More »
November 1, 2025

Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data

The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming…
Read More »
October 30, 2025

Threat Actors Abuse AzureHound Tool to Enumerate Azure and Entra ID Environments

The cybersecurity landscape continues to shift toward cloud-based attacks, with threat actors increasingly exploiting legitimate security tools for malicious reconnaissance.…
Read More »
October 28, 2025

New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs

A sophisticated new Android malware family called GhostGrab is actively targeting mobile users with a dual-monetization strategy that combines covert…
Read More »
October 27, 2025

Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files

In the latter half of 2025, the Qilin ransomware group has solidified its standing as a formidable threat, continuing to…
Read More »
October 24, 2025

Phishing Campaign Uses Unique UUIDs to Evade Secure Email Gateways

A sophisticated new phishing attack discovered in early February 2025 is successfully bypassing Secure Email Gateways (SEGs) and evading perimeter…
Read More »
October 23, 2025

Injecting Malicious Code into RMClient to Evade EDR

CyberProof researchers detected a significant surge in Remcos (Remote Control & Surveillance Software) campaigns throughout September and October 2025, exploiting…
Read More »
October 22, 2025

Direct Memory Attacks Used to Capture Browser Credentials

On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums,…
Read More »
October 20, 2025

Winos 4.0 Malware Uses Weaponized PDFs Posing as Government Departments to Infect Windows Machines

Security researchers are tracking a high-severity malware campaign that uses weaponized PDF files to distribute the Winos 4.0 malware. The…
Read More »

Previous page Next page