SquarePhish is an advanced phishing tool that uses a technique combining the OAuth Device Code authentication flow and QR codes. Attack Flow Step 1: QR Code Email An attacker will send an initial email...
A new tool has emerged on the cybercriminal marketplace—one that has swiftly become a weapon of choice for dozens of groups. This is HeartCrypt, a malware-packing service that disguises malicious code as familiar, legitimate...
Specialists have disclosed a new critical vulnerability in the wireless network configuration procedure of Unitree robots. The flaw, dubbed UniPwn, was detailed on September 20 and affects the quadruped models Go2 and B2, as...
Researchers at Fortinet FortiGuard Labs have uncovered a new cyber-attack campaign masquerading as communications from the National Police of Ukraine and employing an unusual malware delivery chain. The attackers dispatch emails with SVG attachments...
Experts at Silent Push have released an in-depth study on subdomain rental services, often referred to in documentation and forums as Dynamic DNS. These platforms allow any user to acquire a third-level domain and...
The world’s leading cybersecurity agencies have issued urgent warnings of a critical threat to global network infrastructure: vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower systems are under heavy, coordinated attack. The alarm...
GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages, Go modules, GitHub actions, or VSCode extensions. It runs a set of heuristics on the package source code (through Semgrep...
For more than a decade, the Vane Viper network has remained one of the largest clandestine players in the sphere of malicious online advertising. The latest report from Infoblox, prepared in collaboration with Guardio...
CloudSEK researchers have reported a large-scale campaign leveraging a Loader-as-a-Service botnet, which over the past six months has transformed home routers and IoT devices into engines for cryptocurrency mining and Mirai-style attacks. An analysis...
Trend Micro has reported the emergence of a new iteration of one of the most notorious ransomware families — LockBit 5.0. Researchers describe it as “significantly more dangerous” than its predecessors, as it now...