Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a…
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going…
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS…
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of…
U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware
The U.S. Department of Justice (DoJ) this week announced the indictment of 54 individuals in connection with a…
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to…
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a…
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability
WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been…
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks
Authorities in Nigeria have announced the arrest of three “high-profile internet fraud suspects” who are alleged to have…
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability…