Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages

27/05/2025 0 Comments 0 tags

Microsoft has shed light on a previously undocumented cluster of threat activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed to

Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers

27/05/2025 0 Comments 0 tags

Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices and facilitate payroll fraud. The activity, first detected

Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth’s Stealth Phishing Campaign

27/05/2025 0 Comments 0 tags

The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targeting law firms over the past two

Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents

27/05/2025 0 Comments 0 tags

The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto

26/05/2025 0 Comments 0 tags

As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled

CISO’s Guide To Web Privacy Validation And Why It’s Important

26/05/2025 0 Comments 0 tags

Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous web privacy validation that’s aligned with real-world practices.

⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

26/05/2025 0 Comments 0 tags

Cyber threats don’t show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

25/05/2025 0 Comments 0 tags

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

23/05/2025 0 Comments 0 tags

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. “The ClickFix technique is particularly risky because it

ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

23/05/2025 0 Comments 0 tags

Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network. The threat