Wave of 150 crypto-draining extensions hits Firefox add-on store
A malicious campaign dubbed ‘GreedyBear’ has snuck onto the Mozilla add-ons store, targeting Firefox users with 150 malicious extensions and stealing an estimated $1,000,000 from…
Latest Cybersecurity News — Page 1626
View all →
WhatsApp Has Taken Down 6.8 Million Accounts Linked to Malicious Activities
WhatsApp has successfully dismantled 6.8 million accounts linked to fraudulent activities during the first half of 2024, representing a significant escalation in the platform’s fight…
Weaponizing Microsoft 365 Direct Send to Bypass Email Security Defenses
Security researchers at StrongestLayer, in collaboration with Jeremy, a seasoned Security Architect at a major manufacturing firm, have exposed a multi-layered spear phishing attack that…
CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability
LAS VEGAS — Federal cyber authorities issued an alert Wednesday evening about a high-severity vulnerability affecting on-premises Microsoft Exchange servers shortly after a researcher presented…
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. The…
Microsoft 365 Direct Send Weaponized to Bypass Email Security Defenses
Cybersecurity researchers have uncovered a sophisticated spear phishing campaign that weaponizes Microsoft 365’s Direct Send feature to bypass traditional email security defenses and conduct hyper-personalized…
Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme
Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United States to face charges related…
SonicWall says recent attack wave involved previously disclosed flaw, not zero-day
SonicWall said late Wednesday that a wave of attacks targeting SonicWall 7 customers since July involved a previously disclosed improper access-control vulnerability and not a…
ScarCruft Hacker Group Launched a New Malware Attack Using Rust and PubNub
The North Korean state-sponsored Advanced Persistent Threat (APT) group ScarCruft has launched a sophisticated new malware campaign targeting South Korean users through a deceptive postal-code…
Risk Has Moved Beyond Your Inbox
For years, email was the main security battleground. Phishing, scams, and account takeovers were problems companies knew how to fight—at least in theory. Secure email…
ScarCruft Hacker Group Launches New Rust-Based Malware Attack Leveraging PubNub
The North Korean state-sponsored advanced persistent threat (APT) group known as ScarCruft has been linked to a sophisticated malware campaign targeting South Korean users. Disguised…
Google Confirms Salesforce Data Breach by ShinyHunters via Vishing Scam
In a recent revelation, Google has confirmed that one of its internal databases was breached by a well-known cybercriminal organization. The Google Threat Intelligence Group…