Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes
A new malicious campaign has been observed making use of malicious Android apps to steal users' SMS messages since at least February 2022 as...
Researchers Uncover Flaws in Windows Smart App Control and SmartScreen
Cybersecurity researchers have uncovered design weaknesses in Microsoft's Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to...
North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim...
Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at...
In an era of relentless cybersecurity threats and rapid technological advancement, staying ahead of the curve is not just a necessity, but critical. SANS...
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences."The impact of...
EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files
The Russian government and IT organizations are the target of a new campaign that delivers a number of backdoors and trojans as part of...
The AI Hangover is Here – The End of the Beginning
After a good year of sustained exuberance, the hangover is finally here. It's a gentle one (for now), as the market corrects the share...
RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks
A cybercrime group with links to the RansomHub ransomware has been observed using a new tool designed to terminate endpoint detection and response (EDR)...
Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud...
Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware
Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat."These attacks are opportunistic in nature, targeting...