Posted inVulnerabilities
From Cybersecurity Help – Alleged Scattered Spider member pleads guilty
Additionally, Noah Urban has reportedly agreed to pay $13 million in restitution to 59 victims of his cybercrimes. Read More
Posted inArticles
From Graham Cluley – HellCat ransomware: what you need to know
HellCat - the ransomware gang that has been known to demand payment... in baguettes! Are they rolling in the dough? Bread it and weep in my article on the Tripwire…
Posted inNews
From The Hacker News – ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks?
Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected
Posted inNews
From Dark Reading – Evilginx Tool (Still) Bypasses MFA
Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens. Read More
Posted inNews
From Security Week – Morphing Meerkat Phishing Kits Target Over 100 Brands
[[{"value":"A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages. The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first…
Posted inNews
From Security Week – Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
[[{"value":"The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on…
Posted inNews
From The Hacker News – Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day.
The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape.
"Following the recent Chrome sandbox escape (
Posted inArticles
From Krebs on Security – When Getting Phished Puts You in Mortal Danger
Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting…
.webp)
Posted inNews
From Cyber Security News – New Sophisticated Malware CoffeeLoader Bypasses Endpoint Security to Deploy Rhadamanthys Shellcode
Cybersecurity researchers have uncovered a sophisticated new malware strain targeting macOS systems, dubbed “CoffeeLoader,” which employs advanced techniques to bypass endpoint security solutions and deliver Rhadamanthys shellcode payloads. The malware…
Posted inNews
From The Hacker News – Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years
A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident response firm Sygnia.
The cybersecurity company is tracking the activity under the name Weaver Ant, describing the threat actor as stealthy and highly persistent. The name of the telecom provider was not
Posted inNews
From Security Week – Ransomware Shifts Tactics as Payouts Drop: Critical Infrastructure in the Crosshairs
[[{"value":"Threats themselves change very little, but the tactics used are continually revised to maximize the criminals’ return on investment and effort. The post Ransomware Shifts Tactics as Payouts Drop: Critical…
.webp)
Posted inNews
From Cyber Security News – New Malware Attacking Android Users Abusing Cross-Platform Framework For Evasion
Cybercriminals have developed sophisticated malware campaigns targeting Android users by exploiting .NET MAUI, a cross-platform development framework, to evade traditional security measures. These threats disguise themselves as legitimate banking and…
Posted inNews
From Security Week – Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing
[[{"value":"Analysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks. The post Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing appeared first…
Posted inNews
From Dark Reading – ClickFix Attack Compromises 100+ Car Dealership Sites
The ClickFix attack tactic seems to be gaining traction among threat actors. Read More
.webp)
Posted inNews
From Cyber Security News – 23,000 GitHub Repositories Targeted In Supply Chain Attack
In a massive security breach discovered this week, approximately 23,000 GitHub repositories have been compromised in what security experts are calling one of the largest supply chain attacks to date.…