Attackers are using credentials stolen via phishing websites that purport to be legitimate securities company homepages, duping victims and selling their stocks before they realize […]
Kubernetes Pods Are Inheriting Too Many Permissions
Scalable, effective — and best of all, free — securing Kubernetes workload identity cuts cyber-risk without adding infrastructure, according to new research from SANS. ​The […]
Russian Hackers Exploit Microsoft OAuth 2.0 to Target Organizations
Cybersecurity firm Volexity has tracked a series of highly targeted attacks by suspected Russian threat actors, identified as UTA0352 and UTA0355. It exploits Microsoft 365 […]
New SMS Phishing Attack Weaponizes Google AMP Links to Evade Detection
Group-IB’s High-Tech Crime Trends Report 2025 reveals a sharp 22% surge in phishing websites, with over 80,000 detected in 2024. Among the most concerning discoveries […]
Ransomware Actors Ramp Up Attacks Organizations with Emerging Extortion Trends
Unit 42’s 2025 Global Incident Response Report, ransomware actors are intensifying their cyberattacks, with 86% of incidents causing significant business disruptions such as operational downtime […]
Threat Actors Leverage TAG-124 Infrastructure to Deliver Malicious Payloads
In a concerning trend for cybersecurity, multiple threat actors, including ransomware groups and state-sponsored entities, are utilizing a malicious traffic distribution system (TDS) known as […]
Hackers Exploit NFC Technology to Steal Money from ATMs and POS Terminals
In a disturbing trend, cybercriminals, predominantly from Chinese underground networks, are exploiting Near Field Communication (NFC) technology to perpetrate large-scale fraud at ATMs and Point-of-Sale […]
FireEye EDR Vulnerability Allows Attackers to Execute Unauthorized Code
A critical vulnerability (CVE-2025-0618) in FireEye’s Endpoint Detection and Response (EDR) agent has been disclosed, enabling attackers to execute unauthorized code and trigger persistent denial-of-service […]
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed […]
Lattica Emerges from Stealth to Solve AI’s Biggest Privacy Challenge with FHE
Lattica, an FHE-based platform enabling secure and private use of AI in the cloud, has emerged from stealth with $3.25 million in pre-seed funding. The […]