Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites
Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc."The...
U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices
The U.K.'s Information Commissioner's Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking...
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code.The...
⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into...
The New Ransomware Groups Shaking Up 2025
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4,...
Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries
Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware...
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to...
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a...
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It's like...
5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs
Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN)...