Global Jewellery Brand Pandora Suffers Hacked
Danish jewellery giant Pandora has disclosed a significant data breach that compromised customer information through a third-party vendor platform. The company has begun notifying affected…
Category: CyberSecurityNews
Lazarus Hackers Trick Users Into Believing Their Camera or Microphone is Blocked to Deliver PyLangGhost RAT
Cybersecurity researchers have observed a new social engineering campaign attributed to North Korea’s Lazarus Group in recent weeks that leverages fake camera and microphone errors…
Google’s Salesforce Instances Hacked in Ongoing Attack
Google has confirmed that one of its corporate Salesforce instances was compromised in June by the threat group tracked as UNC6040. This incident is part…
Mustang Panda Attacking Windows Users With ToneShell Malware Mimic as Google Chrome
A sophisticated new cyber campaign has emerged targeting Windows users through a deceptive malware variant known as ToneShell, which masquerades as the legitimate Google Chrome…
Threat Actors Weaponize Smart Contracts to Drain User Crypto Wallets of More Than $900k
In a sophisticated campaign uncovered in early 2024, cybercriminals have begun distributing malicious Ethereum smart contracts masquerading as lucrative trading bots. These weaponized contracts leverage…
UAC-0099 Hackers Weaponizing HTA Files to Deliver MATCHBOIL Loader Malware
The Ukrainian threat intelligence group UAC-0099 has significantly evolved its cyber warfare capabilities, deploying a sophisticated new malware toolkit targeting Ukrainian state authorities, Defense Forces,…
Threat Actors Leveraging GenAI for Phishing Attacks Impersonating Government Websites
Cybercriminals have escalated their phishing operations by incorporating generative artificial intelligence tools to create sophisticated replicas of government websites, marking a significant evolution in social…
Rockwell Arena Simulation Vulnerabilities Let Attackers Execute Malicious Code Remotely
Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena® Simulation software that could allow threat actors to execute arbitrary code remotely on…
WhatsApp’s New Security Feature Allows Users to Pause, Question, and Verify Malicious Messages
WhatsApp has unveiled a comprehensive security enhancement that implements a “pause, question, and verify” protocol to protect users from sophisticated messaging scams. The platform has…
Akira Ransomware Uses Windows Drivers to Bypass AV/EDR in SonicWall Attacks
A sophisticated evasion technique employed by Akira ransomware affiliates, exploiting legitimate Windows drivers to bypass antivirus and endpoint detection and response (EDR) systems during recent…
Chinese Hackers Exploit SharePoint Vulnerabilities to Deploy Toolsets Includes Backdoor, Ransomware and Loaders
A sophisticated Chinese threat actor has been exploiting critical vulnerabilities in Microsoft SharePoint to deploy an advanced malware toolset dubbed “Project AK47,” according to new…
Microsoft’s New AI Agent Project to Detect Malware with Reverse Engineering Tools
Microsoft has unveiled Project Ire, an autonomous AI agent capable of reverse engineering and classifying malware at an unprecedented scale. The breakthrough system achieved a…