Threat actors operating under the name ShinyHunters have orchestrated a series of cyberattacks targeting major corporations, including Qantas, Allianz Life, LVMH, and Adidas. Each incident centers around attempts to infiltrate client Salesforce environments through...
Email protection mechanisms, originally conceived as a bulwark against malicious links, have ironically become unwitting allies to cybercriminals. Researchers have uncovered a troubling trend: threat actors are increasingly exploiting “link wrappers” provided by platforms...
The Scattered Spider group has intensified its assaults on corporate IT environments, concentrating its efforts on VMware ESXi hypervisors within U.S. companies across the retail, transportation, and insurance sectors. Rather than exploiting conventional software...
Clorox has filed a lawsuit against the global IT services provider Cognizant, accusing the company of gross negligence that allegedly led to a devastating cyberattack in August 2023. According to the complaint, Cognizant—tasked with...
Cybercriminals are mastering increasingly sophisticated methods of delivering malicious code, leveraging unconventional file formats to evade security defenses. A recent case documented by researchers illustrates how a seemingly innocuous audio message in WAV format...
Over the past several months, researchers at Cyble Research and Intelligence Labs (CRIL) have been closely monitoring a large-scale and technically sophisticated phishing campaign known as Scanception. Its hallmark lies in the use of...
The Gemini AI assistant, integrated into Google Workspace, has unexpectedly proven vulnerable to a novel form of social engineering. By exploiting a particular method of structuring content within emails, malicious actors can deceive the...
Despite the rapid advancements in chatbot technology, modern AI models still frequently err when asked to identify the official websites of well-known companies. According to researchers at Netcraft, these inaccuracies present fresh opportunities for...
A threat group linked to the Democratic People’s Republic of Korea (DPRK) is intensifying its attacks on companies operating in the Web3 and cryptocurrency sectors, deploying malware crafted in the Nim programming language. These...
Telephone-based fraud schemes masquerading as customer support from well-known brands are rapidly gaining traction among cybercriminals. According to researchers at Cisco Talos, attackers are increasingly employing a method known as TOAD (Telephone-Oriented Attack Delivery),...
A newly discovered technique in Windows allows malicious scripts to be executed without triggering any user warnings. This method, known as FileFix, has been refined to exploit a vulnerability in how browsers handle saved...
The United States Federal Bureau of Investigation has issued an official warning regarding the escalating operations of the hacker collective known as Scattered Spider, which has now begun actively targeting the aviation sector. According...
ESET researchers have identified a new wave of cyberattacks exploiting data from contactless payments via NFC technology. Initially targeting clients of Czech banks, this malicious campaign has now begun to spread rapidly across the...
Nicholas Michael Kloster, a resident of Kansas City, has found himself at the center of a high-profile criminal case, culminating in his guilty plea to a series of cybercrimes. According to the U.S. Department...
The social engineering technique known as ClickFix—based on deceptive CAPTCHA prompts—has witnessed a dramatic surge in popularity among cybercriminals over the past year. According to ESET, between July 2024 and June 2025, the number...
A new wave of malicious npm packages has been uncovered, linked to the ongoing Contagious Interview operation, which has been attributed to North Korean threat actors. The discovery was made by the cybersecurity firm...
