New Wave of AiTM Phishing Targets TikTok for Business
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
Information Security Magazine
TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
2 weeks 5 days ago
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware
Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google
2 weeks 6 days ago
‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
2 weeks 6 days ago
The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
2 weeks 6 days ago
Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code
Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
2 weeks 6 days ago
Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study
EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts
2 weeks 6 days ago
EtherRAT hides C2 in Ethereum smart contracts via EtherHiding, steals wallets and credentials
AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It, PwC Warns
2 weeks 6 days ago
PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients
OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns
3 weeks ago
OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws
Iran-Linked Pay2Key Ransomware Group Re-Emerges
3 weeks ago
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key
Invoice Fraud Costs UK Construction Sector Millions, NCA Warns
3 weeks ago
The National Crime Agency has warned construction firms about surging invoice fraud
Cloud Phones Linked to Rising Financial Fraud Threat
3 weeks ago
Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
3 weeks ago
Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials
US: FCC Bans Foreign-Made Routers Over National Security Concerns
3 weeks 1 day ago
The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
3 weeks 1 day ago
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
3 weeks 1 day ago
Expel has warned of malicious Chrome extensions stealing users’ AI conversations
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown
3 weeks 1 day ago
UK police trumpet success of Operation Henhouse as they seize and freeze over £27m in suspected fraud proceeds
RSA Conference: UK NCSC Head Urges Industry to Develop Vibe Coding Safeguards
3 weeks 1 day ago
The head of the UK’s NCSC is calling the cybersecurity industry to “seize the disruptive vibe coding opportunity” to make software more secure
Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage
3 weeks 1 day ago
Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing
Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities
3 weeks 1 day ago
A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory
Checked
4 hours 45 minutes ago