Authorities Shut Down Tycoon 2FA Phishing Platform Used to Bypass MFA
Europol and partners dismantle Tycoon 2FA phishing service used to bypass MFA, disrupting a global phishing-as-a-service operation targeting organisations.
Scam
The Most Common Swap Scams in 2026, and How to Avoid Them
Swap scams target traders through fake DEX sites, token approvals, and phishing. Learn how to detect swap scams and protect funds before you swap now.
Hackers Abuse .arpa Top-Level Domain to Host Phishing Scams
Hackers abuse the .arpa Top-Level Domain to host phishing scams, using IPv6 tunnels, reverse DNS tricks, and shadow domains to bypass security checks.
Fake Zoom and Google Meet Pages Trick Users Into Installing Monitoring Tool
Fake Zoom and Google Meet pages trick users into installing a monitoring software on Windows systems through phishing links and fake updates.
Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns
Fake Xeno and Roblox gaming tools are spreading a Windows RAT (remote access trojan) using PowerShell and LOLBins, Microsoft Threat Intelligence warns.
Fake Avast Website Targets Users With €499 Phishing Refund Scam
Fraudsters clone Avast’s website to target French users with a €499 phishing scam, using urgency tactics, live chat, and card validation to steal payment data.
New ZeroDayRAT Malware Claims Full Monitoring of Android and iOS Devices
Meet ZeroDayRAT, a newly advertised malware targeting Android and iOS devices with surveillance, location tracking, and crypto theft tools sold via Telegram as a MaaS service.
Hackers Use Excel Exploit to Hide XWorm 7.2 in JPEG Files, Hijack PCs
A new phishing campaign is spreading XWorm 7.2 via malicious Excel files, hiding the malware in Windows processes, and using AES encryption to steal passwords and Wi-Fi keys.
New ClickFix Attack Targets Crypto Wallets and 25+ Browsers with Infostealer
Researchers at CyberProof have identified a new fake captcha campaign linked to the ClickFix operation. This stealthy infostealer targets over 25 browsers, cryptocurrency wallets like MetaMask, and gaming accounts by tricking users into executing malic…
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations.