Cyberangreifer nutzen Chrome- und Edge-Add-ons zur Datenerfassung, Suchmanipulation und als Backdoor. Ascannio – shutterstock.com Forscher des Security-Anbieters Koi haben eine Cyberbande namens „ShadyPanda“ dabei ertappt, […]
Massive Phishing Attack Uses Parking Ticket and Medical Test Themes, Attributed to Storm-0900
In a brazen attempt to exploit the chaotic pre-holiday rush, Microsoft Security has detected and dismantled a large-scale phishing campaign launched on Thanksgiving Eve. The […]
Longwatch RCE Flaw Allows Attackers to Run Remote Code with Elevated Privileges
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about a critical remote code execution vulnerability affecting Industrial Video & Control’s Longwatch […]
Malicious Rust “evm-units” Impersonator Deploys OS-Specific Payloads
A malicious Rust crate masquerading as an Ethereum Virtual Machine (EVM) utility has been caught delivering silent, OS-specific payloads to developers’ machines. The package, named […]
Discover the AI Tools Fueling the Next Cybercrime Wave — Watch the Webinar
Remember when phishing emails were easy to spot? Bad grammar, weird formatting, and requests from a “Prince” in a distant country? Those days are over. […]
Shai-Hulud 2.0 Cyberattack Compromises 30,000 Repos and Exposes 500 GitHub Accounts
The Shai-Hulud 2.0 supply chain attack has proven to be one of the most persistent and destructive malware campaigns targeting the developer ecosystem. Since the […]
Let’s Encrypt Cutting Certificate Lifespan from 90 Days to 45 Days
Let’s Encrypt, the nonprofit certificate authority serving millions of websites, announced a significant shift in how it issues digital certificates. Starting in 2026, the organization […]
New Calendly-Inspired Phishing Attack Aims to Steal Google Workspace Credentials
A long-running phishing campaign is abusing Calendly-branded job invitations to compromise Google Workspace and Facebook Business accounts, with a particular focus on hijacking ad management […]
MuddyWater Targets Critical Infrastructure With Custom Malware and Evolving Tactics
ESET researchers have uncovered a sophisticated campaign by MuddyWater, an Iran-aligned cyber-espionage group, targeting critical infrastructure across the Middle East with a newly refined toolkit […]
New “Executive Award” Scam Exploits ClickFix to Deliver Stealerium Malware
A sophisticated new phishing campaign is targeting company executives with a double-pronged attack that steals credentials and deploys information-stealing malware in a single coordinated strike. […]