A critical Windows vulnerability that has been exploited since 2017 by state-sponsored threat actors has been uncovered recently by researchers. The vulnerability, tracked as ZDI-CAN-25373,…
ClearFake, a malicious JavaScript framework first identified in July 2023, has evolved with sophisticated new social engineering tactics. Originally designed to display fake browser update…
Cryptocurrency exchange Bybit detected unauthorized activity involving its Ethereum cold wallets, leading to a major security breach. The incident occurred during an ETH multisig transaction…
Security researchers from Bitdefender have uncovered a large-scale ad fraud campaign involving 331 malicious apps on the Google Play Store. These apps, which have accumulated…
A sophisticated cyber espionage campaign has been uncovered where threat actors are masquerading as recruiters to target job seekers and employees of specific organizations. The…
A sophisticated malware campaign dubbed “DocSwap” has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. The malware…
Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol…
A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike…
Google’s parent company, Alphabet Inc., is reportedly in advanced negotiations to acquire cybersecurity startup Wiz for approximately $30 billion. If completed, this acquisition would become…
Attackers are actively exploiting a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. The vulnerability, identified as CVE-2024-27564, has become a significant threat despite its…
A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and steal user sessions in mere seconds. This…
Cobalt Strike has released version 4.11 with significant improvements to its evasion capabilities, making the popular red team tool more resilient against modern security solutions. …
