The start of a new year means a fresh start for everyone, including cybersecurity teams. With budgets and plans now finalized, it’s time for CISOs […]
Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering
A new evolution in ClawHub skill-based attacks that effectively sidesteps recent security measures. Rather than embedding base64-encoded payloads directly in SKILL.md files, threat actors have […]
Men charged in FanDuel scheme fueled by thousands of stolen identities
Two Connecticut men face federal charges for allegedly defrauding FanDuel and other online gambling sites of $3 million over several years using the stolen identities […]
DKnife targets network gateways in long running AitM campaign
A previously undocumented China-linked adversary-in-the-middle (AitM) framework known as “DKnife” has been identified operating at network gateways, where it intercepts and manipulates in-transit traffic. According […]
China-Backed ‘PeckBirdy’ Takes Flight for Cross-Platform Attacks
In two separate campaigns, attackers used the JScript C2 framework to target Chinese gambling websites and Asian government entities with new backdoors. The original article […]
Empire cybercrime market owner pleads guilty to drug conspiracy
A Virginia man who co-created Empire Market, one of the largest dark web marketplaces at the time, pleaded guilty to federal drug conspiracy charges for […]
Palo Alto unveils Quantum-Safe Security to mitigate cryptographic risk
Palo Alto Networks unveiled its Quantum-Safe Security solution at the company’s virtual Quantum-Safe Summit Tuesday. The solution is designed to help organizations prepare for the […]
FBI seizes RAMP cybercrime forum used by ransomware gangs
The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of […]
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims […]
New sandbox escape flaw exposes n8n instances to RCE attacks
Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the […]