Salesforce customers duped by series of social-engineering attacks
A financially motivated threat group posing as IT support has intruded the systems of about 20 organizations by duping employees into installing a malicious, illegitimate…
Month: June 2025
Hacker targets other hackers and gamers with backdoored GitHub code
A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub that contain hidden backdoors to…
New Crocodilus Malware That Gain Complete Control of Android Device
A sophisticated new Android banking Trojan named Crocodilus has emerged as a significant global threat, demonstrating advanced device-takeover capabilities that grant cybercriminals unprecedented control over…
DCRat Targets Latin American Users to Steal Banking Credentials
IBM X-Force has uncovered a series of targeted email campaigns orchestrated by Hive0131, a financially motivated threat group likely originating from South America. Observed in…
Hackers Leak 86 Million AT&T Records with Decrypted SSNs
Hackers have leaked what they claim is AT&T’s database which was reportedly stolen by the ShinyHunters group in April 2024 after they exploited major security…
Put ROCs before SOCs, Qualys tells public sector
The security operations centre (SOC) has served public sector cyber teams well over the years but is fundamentally a reactive tool and now needs to…
Ukraine claims it hacked Tupolev, Russia’s strategic warplane maker
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims it hacked the Russian aerospace and defense company Tupolev, which develops Russia’s supersonic strategic…
How To Detect Them Early
Business Email Compromise (BEC) attacks don’t need malware to do damage. All it takes is one convincing message; a fake login prompt, a cleverly disguised…
AMOS macOS Stealer Evades Security to Deploy Malicious Code
A newly uncovered campaign involving an Atomic macOS Stealer (AMOS) variant has emerged, showcasing the evolving sophistication of multi-platform social engineering attacks. This campaign, discovered…
BidenCash carding market domains seized in international operation
Earlier today, law enforcement seized multiple domains of BidenCash, the infamous dark web market for stolen credit cards, personal information, and SSH access. The illegal…
Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. These safeguards, rolled out in May 2022, were…
Investigatory powers: Guidelines for police and spies could also help businesses with AI
Police and intelligence agencies are turning to AI to sift through vast amounts of data to identify security threats, potential suspects and individuals who may…