Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as […]
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Cybersecurity researchers have detailed a malware campaign that's targeting Docker…
‘Cookie Bite’ Entra ID Attack Exposes Microsoft 365
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens…
Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans
The Sekoia TDR (Threat Detection & Research) team has reported…
Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft
The Socket Threat Research Team has unearthed a trio of…
Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload
Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Cybersecurity researchers have detailed a malware campaign that's targeting Docker…
Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans
The Sekoia TDR (Threat Detection & Research) team has reported…
‘Cookie Bite’ Entra ID Attack Exposes Microsoft 365
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens…
Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft
The Socket Threat Research Team has unearthed a trio of…
DeepSeek Breach Opens Floodgates to Dark Web
The incident should serve as a critical wake-up call. The…
Threat Actors Manipulate Search Results to Direct Users to Malicious Websites
The digital landscape has become increasingly perilous as cybercriminals develop…
Oracle Acknowledges Data Breach and Starts Informing Affected Clients
Oracle Corporation has confirmed a data breach involving its older…
Binance Spoofers Compromise PCs in ‘TRUMP’ Crypto Scam
An email campaign luring users with offers of free President…
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
Everybody knows browser extensions are embedded into nearly every user’s…
CrushFTP Vulnerability Exploited to Gain Full Server Access
A critical vulnerability (CVE-2025-2825) in CrushFTP, a widely used enterprise…
WhatsApp Job Offer Scam Targets Job Seekers in New Phishing Attack
A new form of phishing attack is making waves among job seekers, as cybercriminals exploit WhatsApp and Meta’s trusted branding to lure victims into sophisticated […]
10 Best Email Security Solutions in 2025
Email security solutions are critical for protecting organizations from the growing sophistication of cyber threats targeting email communication. As email remains a primary channel for […]
CISA Issues 9 New ICS Advisories Addressing Critical Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released nine new advisories detailing severe vulnerabilities in widely-used Industrial Control Systems (ICS) products. These advisories, […]
Malicious Macros Return in Sophisticated Phishing Campaigns
The cybersecurity landscape of 2025 is witnessing a troubling resurgence of malicious macros in phishing campaigns. Despite years of advancements in security measures and Microsoft’s […]
“Living-off-the-Land Techniques” How Malware Families Evade Detection
Living-off-the-Land (LOTL) attacks have become a cornerstone of modern cyber threats, allowing malware to evade detection by leveraging legitimate system tools and processes. Rather than […]
Chinese UNC5174 Group Expands Arsenal with New Open Source Tool and C2 Infrastructure
The Sysdig Threat Research Team (TRT) has revealed a significant evolution in the offensive capabilities of the Chinese state-sponsored threat actor, UNC5174. In late January […]
SOC Alert Fatigue Hits Peak Levels As Teams Battle Notification Overload
Security Operations Centers (SOCs) are facing a mounting crisis: alert fatigue. As cyber threats multiply and security tools proliferate, SOC teams are inundated with thousands […]
Oracle Issues Patch for 378 Vulnerabilities in Major Security Rollout
Oracle Corporation has released a sweeping Critical Patch Update (CPU) for April 2025, addressing a staggering 378 security vulnerabilities across a wide array of its […]
Hackers Exploit Node.js to Spread Malware and Exfiltrate Data
Threat actors are increasingly targeting Node.js—a staple tool for modern web developers—to launch sophisticated malware campaigns aimed at data theft and system compromise. Microsoft Defender […]