A cybercriminal group known as SCATTERED SPIDER has emerged as a formidable threat, targeting sectors like hospitality, telecommunications, finance, and retail with unprecedented sophistication. This […]
Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. These safeguards, rolled out in May 2022, were […]
Attackers Impersonate Ruby Packages to Steal Sensitive Telegram Data
Malicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global supply chain reach. ​The […]
Lumma Infostealer Developers Persist in Their Malicious Activities
A coordinated operation by Europol, the FBI, Microsoft, and other public and private sector partners targeted the Lumma infostealer, a prolific malware distributed via a […]
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice phishing (aka vishing) campaigns designed to breach organizations’ Salesforce […]
New Eleven11bot Hacks 86,000 IP Cameras for Large-Scale DDoS Attack
The newly identified Eleven11bot malware has compromised over 86,000 IP cameras across the Asia-Pacific (APAC) region, transforming these devices into a massive botnet for launching […]
DCRat Targets Latin American Users to Steal Banking Credentials
IBM X-Force has uncovered a series of targeted email campaigns orchestrated by Hive0131, a financially motivated threat group likely originating from South America. Observed in […]
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks […]
_Andrea_Danti_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Beware of Device Code Phishing
Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and […]
Aembit Recognized on the 2025 Rising in Cyber List of Top Cybersecurity Startups
Aembit, the workload identity and access management (IAM) company, today announced its inclusion in Rising in Cyber 2025, an independent list launched by Notable Capital to […]