Hackers Use KakaoTalk and Google Find Hub in Android Spyware Attack
North Korea-linked KONNI hackers used KakaoTalk and Google Find Hub to spy on victims and remotely wipe Android devices in a targeted phishing campaign.
Cyber Attack
Fake NPM Package With 206K Downloads Targeted GitHub for Credentials
Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation’s code.
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data.
“I Paid Twice” Scam Infects Booking.com Users with PureRAT via ClickFix
Cybersecurity firm Sekoia reports a widespread fraud where criminals compromise hotel systems (Booking.com, Expedia and others) with PureRAT malware, then use stolen reservation data to phish and defraud guests.
“I Paid Twice” Scam Infects Booking.com Users with PureRAT via ClickFix
Cybersecurity firm Sekoia reports a widespread fraud where criminals compromise hotel systems (Booking.com, Expedia and others) with PureRAT malware, then use stolen reservation data to phish and defraud guests.
Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code
Bolster AI reveals a new scam using a simple JS code via Emkei’s Mailer to fake 37% profits and steal crypto. Act fast to secure your wallet.
U.S. Congressional Budget Office Hit by Cyberattack, Sensitive Data Compromised
The Congressional Budget Office (CBO), which serves as Congress’s official financial advisor, has been targeted in a suspected cyberattack by suspected foreign actors. The breach exposed sensitive financial research data that lawmakers rely on to…
Former GCHQ Chief: Cybersecurity, AI, and the New Age of Multilateral Defense
EXPERT INTERVIEW — The last few months have seen a series of major cyber incidents which have frozen airports, crippled companies, compromised government systems, and stolen millions from unwitting victims. Cyber leaders are warning that the threat is…
Cavalry Werewolf Hit Russian Government with New ShellNET Backdoor
Doctor Web uncovers a targeted cyberattack on a Russian government body by the Cavalry Werewolf group using a new ShellNET backdoor and Telegram-based control.
Hackers Steal Personal Data and 17K Slack Messages in Nikkei Data Breach
Nikkei confirms breach after a virus infected an employee PC, exposing 17,368 names and Slack chat histories. The media giant reported the incident voluntarily.