DuckDuckGo beefs up scam defense to block fake stores, crypto sites
The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges,…
Category: Bleeping Computer
Krispy Kreme says November data breach impacts over 160,000 people
U.S. doughnut chain Krispy Kreme confirmed that attackers stole the personal information of over 160,000 individuals in a November 2024 cyberattack. The American multinational coffeehouse…
Ryuk ransomware’s initial access expert extradited to the U.S.
A member of the notorious Ryuk ransomware operation who specialized in gaining initial access to corporate networks has been extradited to the United States. The…
Pro-Israel hackers hit Iran’s Nobitex exchange, burn $90M in crypto
The pro-Israel “Predatory Sparrow” hacking group claims to have stolen over $90 million in cryptocurrency from Nobitex, Iran’s largest crypto exchange, and burned the funds in…
Instagram ads mimicking BMO, EQ Bank are finance scams
Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams…
North Korean hackers deepfake execs in Zoom call to spread Mac malware
The North Korean BlueNoroff hacking group is deepfaking company executives during Zoom calls to trick employees into installing custom malware on their macOS devices. BlueNoroff…
Instagram ads mimicking BMO, EQ Banks are finance scams
Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams…
Healthcare SaaS firm says data breach impacts 5.4 million patients
Episource warns of a data breach after hackers stole health information of over 5 million people in the United States in a January cyberattack. Episource…
‘Stargazers’ use fake Minecraft mods to steal player passwords
A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens, and…
Microsoft 365 to block file access via legacy auth protocols by default
Microsoft has announced that it will start updating security defaults for all Microsoft 365 tenants in July to block access to SharePoint, OneDrive, and Office…
CISA warns of attackers exploiting Linux flaw with PoC exploit
CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel’s OverlayFS subsystem that allows them to gain root privileges.…
How Trusted Domains Become Threat Vectors
Phishing remains one of cybersecurity’s most enduring threats, not because defenders aren’t evolving, but because attackers are adapting even faster. Today’s most effective campaigns aren’t…