A sophisticated cybercrime campaign has been discovered targeting Android users through fake antivirus applications that actually deliver LunaSpy spyware to victims’ devices. Security researchers have…
UAC-0099 is a threat actor organization that has been targeting state officials, defense forces, and defense-industrial firms in a series of sophisticated cyberattacks that Ukraine’s…
Threat actors are increasingly leveraging generative AI (GenAI) tools to craft highly convincing phishing websites that impersonate legitimate government portals. As highlighted by Zscaler ThreatLabz…
Insikt Group has uncovered new infrastructure tied to the Israeli spyware vendor Candiru, now operating under Saito Tech Ltd., highlighting the persistent deployment of its…
ClickFix, which began as a red-team simulation tool in September 2024, has quickly developed into a widespread malware delivery system that outcompetes its predecessors, such…
WhatsApp is rolling out enhanced security measures to combat the surge in scam messages targeting users worldwide, as criminal organizations increasingly exploit messaging platforms to…
Pandora, the world-renowned Danish jewelry retailer, recently suffered a major cybersecurity incident involving unauthorized access to customer information through a third-party vendor platform. The company…
Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena Simulation software that could allow attackers to execute malicious code remotely. The vulnerabilities,…
Adobe has released critical security updates for Adobe Experience Manager (AEM) Forms on Java Enterprise Edition following the discovery of two severe vulnerabilities that could…
Threat actors leveraged SEO poisoning techniques to manipulate Bing search results, directing users querying for “ManageEngine OpManager” to a malicious domain, opmanager[.]pro. This site distributed…
Unit 42 researchers have identified significant overlaps between Microsoft’s reported ToolShell exploit chain targeting SharePoint vulnerabilities and a tracked activity cluster dubbed CL-CRI-1040. This cluster,…
Security researchers have uncovered a highly advanced network of Chinese-speaking cybercriminal syndicates orchestrating smishing attacks that exploit digital wallet tokenization, potentially compromising up to 115…
