Attackers Move Past Typosquatting to Realistic Package Impersonation
Most malicious open source packages now mimic real code rather than rely on typosquatting
Information Security Magazine
Microsoft Condemns "Uncoordinated" Zero Day Disclosures
2 weeks ago
Microsoft warned the disclosure of several unpatched vulnerabilities without notice has put “customers at unnecessary risk”
New Threat Actor Jinx-0164 Targets Crypto Developers on macOS
2 weeks ago
New actor Jinx-0164 hit crypto developers with fake recruiter lures and macOS malware
Infosecurity Europe: Cybersecurity Staff Prefer CISOs With Real Attack Response Experience, Study Reveals
2 weeks ago
ISC2 survey of cybersecurity professionals suggests that staff want their information security leaders to have experienced reacting to a significant cyber incident
GCHQ Chief Urges Action as AI Reshapes Cyber Threats
2 weeks ago
GCHQ director urges urgent business cyber action as AI and quantum reshape the threat
CrowdStrike, Google Take Down Glassworm Botnet
2 weeks 1 day ago
Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025
Infosecurity Europe: Why Burnout in Cybersecurity Demands Risk-Based Response
2 weeks 1 day ago
Cybermindz warns that cybersecurity burnout is a growing risk, urging organizations to move beyond wellness initiatives and adopt a measurable, risk-based approach to workforce stress
All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers
2 weeks 1 day ago
Thousands of Fake FIFA Domains Target World Cup Fans
2 weeks 1 day ago
Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans
68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise
2 weeks 1 day ago
UK firms plan higher cyber spending as AI adoption raises security concerns
PureLogs Variant Steals Data via Purchase Order Lures
2 weeks 1 day ago
FortiGuard Labs detailed a PureLogs campaign using JavaScript, PowerShell and process hollowing
Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception
2 weeks 2 days ago
Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators deliberately avoid domestic targets
BTMOB Android RAT Spreads Through No-Code Builder Tooling
2 weeks 2 days ago
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures
India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws
2 weeks 2 days ago
CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines
Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
2 weeks 2 days ago
Iran's Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning
FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
2 weeks 3 days ago
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI
Fake Streams, Counterfeit Merch and Other Scams: How Fraudsters Target F1 Fans
2 weeks 3 days ago
From fake F1 streams to counterfeit merch, fraudsters are exploiting fans online and the Bitdefender Cybersecurity Grand Prix Fan Threat Index details how
Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning
2 weeks 6 days ago
The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets
Apple Blocked $2.2bn in App Store Fraud in the Last Year
2 weeks 6 days ago
Total figure for fraudulent transactions Apple has blocked since 2020 now stands at over $11bn
Cybercriminal VPN Dismantled in Europol Crackdown
3 weeks ago
First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol
Checked
9 hours 36 minutes ago