Aggregator
Survey Surfaces Limited Amount of Post Quantum Cryptography Progress
A survey of 1,042 senior cybersecurity managers in the U.S., the United Kingdom and Australia finds only 5% have implemented quantum-safe encryption, even though 69% recognize the risk quantum computing poses to legacy encryption technologies.
The post Survey Surfaces Limited Amount of Post Quantum Cryptography Progress appeared first on Security Boulevard.
TikTok videos + ClickFix tactic = Malware infection
Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, seem AI-made, and are apparently attracting a large audience. “The videos [verbally] instruct viewers to run a sequence of commands to purportedly activate legitimate software, such as Windows OS, Microsoft Office, CapCut, and Spotify,” the researchers noted. “The … More →
The post TikTok videos + ClickFix tactic = Malware infection appeared first on Help Net Security.
Hackers Expose 184 Million User Passwords via Open Directory
A major cybersecurity incident has come to light after researcher Jeremiah Fowler discovered a publicly accessible database containing 184,162,718 unique logins and passwords—totaling 47.42 GB of raw credential data. The exposed records included sensitive information such as emails, usernames, passwords, and direct URLs to login pages for a wide variety of services. These ranged from […]
The post Hackers Expose 184 Million User Passwords via Open Directory appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
"Mom, I've been jammed!": how smartphones are hunted during the Unified State Exam (ЕГЭ)
The Dangers and Threats of Zero-Day Attacks
New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data
A disturbing new formjacking malware has emerged, specifically targeting WooCommerce-based e-commerce sites to steal sensitive credit card information, as recently uncovered by the Wordfence Threat Intelligence team. Unlike conventional card skimmers that overlay fake forms on checkout pages, this malware seamlessly integrates into the legitimate payment workflow of WooCommerce sites, mimicking their design and functionality […]
The post New Formjacking Malware Targets E-Commerce Sites to Steal Credit Card Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
GitLab Duo Vulnerability Exploited to Inject Malicious Links and Steal Source Code
A security vulnerability was recently discovered in GitLab Duo, the AI-powered coding assistant integrated into GitLab and based on Anthropic’s Claude models. Security researchers from Legit Security revealed that attackers could exploit an indirect prompt injection flaw to exfiltrate private source code, manipulate AI-generated code suggestions, and even leak confidential zero-day vulnerabilities—all through seemingly innocuous […]
The post GitLab Duo Vulnerability Exploited to Inject Malicious Links and Steal Source Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware
Elastic Security Labs has recently exposed a sophisticated new malware family dubbed DOUBLELOADER, observed in conjunction with the RHADAMANTHYS infostealer. This discovery sheds light on the evolving tactics, techniques, and procedures (TTPs) of cybercriminals who leverage advanced obfuscation tools to hinder analysis. Notably, DOUBLELOADER is protected by ALCATRAZ, an open-source obfuscator first released in 2023, […]
The post Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Tracking the Cost of Quantum Factoring
How Hunters International Used the Browser to Breach Enterprises — And Why They Didn’t See It…
At RSAC 2025, Cato Networks delivered a presentation that SOC teams and CISOs will want to pay attention to: “Suspicious Minds — Hunting Threats That Don’t Trigger Security Alerts.” The session showcased ransomware campaigns that bypassed traditional detection. In some cases, this was not because security solutions malfunctioned, but because there was no visibility into key attack vectors. Among the examples highlighted, the Hunters International operation stood out to me due to how seamlessly it exploited the browser to gain access to an enterprise.
Likely emerging from the remains of the Hive ransomware gang, Hunters International has rapidly grown into a prolific and disruptive ransomware syndicate. They use multiple methods to gain initial access, but the one that Cato Networks highlighted in its presentation leveraged legitimate IT management tools and strategic abuse of the browser environment, a growing blind spot in many modern security stacks.
Let's unpack this particular case study on Hunters International and review how Browser Detection and Response (BDR) could have stopped it before any damage occurred.
From a Sponsored Link to Systemwide Infection
Cato's researchers traced the origin of the breach to a malvertising campaign embedded in Google Ads. Threat actors bought ads for widely searched utilities like Angry IP Scanner, redirecting unsuspecting users to typosquatted sites such as angryipo[.]org. These sites, masked behind reputable-looking CDNs and cloud services, appeared legitimate. Buying ads that direct visitors to malicious sites has become a popular method for attackers, because most paid ads do not receive the security scrutiny that a phishing email would these days.
In the Cato case study, users who downloaded what they believed was the actual utility were instead given the WorkersDevBackdoor malware, often hosted on platforms like Dropbox or Microsoft’s content delivery network.
The kill chain progressed in structured stages:
- Privileged devices (e.g., admin endpoints) were targeted first to maximize access.
- Malware initiated silent lateral movement across the network.
- Data exfiltration was handled by utilities like RoboCopy, with outbound traffic tunneled through AnyDesk into an attacker-controlled AWS EC2 instance.
- The final blow: ransomware was executed, encrypting files with the .locked extension and dropping a ransom note titled Contact Us.txt (Picus Security).
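The staged kill chain above maps cleanly onto host-level correlation rules. The following is an added example, not code from Cato, SquareX or Picus: it runs three rules over constructed endpoint telemetry (host names, users, paths and the 203.0.113.25 destination are all assumptions) and only flags RoboCopy when it is followed by egress from a remote-access tool on the same host, so an ordinary backup job is not a finding.

```python
from collections import defaultdict

# Indicators taken from the case study above.
RANSOM_EXTENSION = ".locked"
RANSOM_NOTE = "contact us.txt"           # compared case-insensitively
REMOTE_TOOLS = {"anydesk.exe"}           # tunnel used for exfiltration

# Constructed sample telemetry, in time order. Every value is synthetic;
# 203.0.113.25 is a documentation (TEST-NET-3) address, not a real C2.
SAMPLE_EVENTS = [
    {"host": "ADMIN-WS01", "kind": "process",
     "image": r"C:\Users\adm\Downloads\ipscan-setup.exe"},
    {"host": "ADMIN-WS01", "kind": "process",
     "image": r"C:\Windows\System32\robocopy.exe",
     "cmdline": r"robocopy \\FS01\finance C:\tmp\out /E"},
    {"host": "ADMIN-WS01", "kind": "netconn",
     "image": r"C:\Program Files\AnyDesk\AnyDesk.exe", "dst": "203.0.113.25:443"},
    {"host": "FS01", "kind": "file", "path": r"\\FS01\finance\Q1.xlsx.locked"},
    {"host": "FS01", "kind": "file", "path": r"\\FS01\finance\Contact Us.txt"},
    # A lone robocopy run on another host: legitimate backup, must not fire.
    {"host": "HR-WS07", "kind": "process",
     "image": r"C:\Windows\System32\robocopy.exe",
     "cmdline": r"robocopy D:\share E:\backup /MIR"},
]


def basename(path):
    """Last path component, lower-cased, for both Windows and UNC paths."""
    return path.replace("\\", "/").rstrip("/").rsplit("/", 1)[-1].lower()


def score_host_events(events):
    """Correlate per-host events and return {host: [finding, ...]}.

    Rules, each derived from a stage of the kill chain described above:
      1. robocopy run, then a network connection from a remote-access tool
         on the same host -> data staging followed by tunneled egress.
      2. any file written with the .locked extension -> encryption under way.
      3. a file named "Contact Us.txt" -> ransom note dropped.
    Hosts with no findings are omitted from the result.
    """
    findings = defaultdict(list)
    staged_hosts = set()  # hosts where robocopy has already run

    for ev in events:
        host, kind = ev["host"], ev["kind"]
        if kind == "process":
            if basename(ev["image"]) == "robocopy.exe":
                staged_hosts.add(host)
        elif kind == "netconn":
            if basename(ev["image"]) in REMOTE_TOOLS and host in staged_hosts:
                findings[host].append(
                    "robocopy staging followed by remote-tool egress to " + ev["dst"])
        elif kind == "file":
            name = basename(ev["path"])
            if name.endswith(RANSOM_EXTENSION):
                findings[host].append("file written with .locked extension: " + name)
            if name == RANSOM_NOTE:
                findings[host].append("ransom note dropped: Contact Us.txt")
    return dict(findings)


if __name__ == "__main__":
    for host, hits in score_host_events(SAMPLE_EVENTS).items():
        print(host)
        for hit in hits:
            print("  -", hit)
```

Rule 1 is deliberately order-sensitive: the AnyDesk connection is only suspicious because a bulk copy preceded it on the same host, which is the sequence the case study describes. In production the staging state would need a time window rather than living for the whole event stream.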
The failure wasn’t in detection engines per se — it was a matter of visibility gaps.
Most traditional tools are blind to what happens inside the browser.
- Secure Web Gateways (SWGs) can monitor URLs and downloads but lack the capability to interpret dynamic page behaviors, script execution, or real-time DOM manipulation.
- Endpoint Detection and Response (EDR) tools might flag suspicious executables, but typically only after the malware has been dropped to disk or executed.
By the time EDR or SASE/SSE detected any signs of malicious activity, the attackers had already spread laterally.
Where BDR Would Have Changed the Outcome
With a Browser Detection and Response (BDR) solution, this attack could have been interrupted at the very first step.
Here’s how BDR could have disrupted the campaign:
- Identified domain impersonation, alerted on typosquatting patterns and on sponsored search-result ads, and blocked access to them.
- Detected and flagged file downloads triggered via script-based automation, rather than legitimate user clicks.
- Contained the download within an isolated browser container, preventing execution on the local device.
- Maintained comprehensive telemetry on browser-side actions, including script injection, clipboard access, and DOM alterations — correlated with user identity and session details.
This layered visibility would have enabled early intervention, long before ransomware deployment or data exfiltration.
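The first BDR capability listed, and the angryipo[.]org lure in the malvertising section above, come down to lookalike-domain detection. The following is an added example, not SquareX's product logic: it refangs a URL, reduces the host to its registrable domain, and compares that against a watchlist of legitimate utility domains using edit distance and an embedded-brand check. The watchlist contents and the sample URLs are assumptions; angryip.org is used because Angry IP Scanner is the lure named in the case study.

```python
from urllib.parse import urlsplit

# Legitimate download domains worth protecting (assumption: one entry here).
WATCHLIST = {"angryip.org"}

# Constructed sample of browser navigation URLs, defanged as in a report.
SAMPLE_URLS = [
    "hxxps://angryipo[.]org/download",          # one inserted letter: lookalike
    "https://angryip.org/download",             # the real site
    "https://www.angryip-scanner.net/get.php",  # brand embedded in other domain
    "https://example.com/",                      # unrelated
]


def refang(url):
    """Undo the [.] / hxxp defanging used in threat reports."""
    return url.replace("[.]", ".").replace("hxxp", "http")


def registrable(host):
    """Crude registrable domain: last two labels.

    Good enough for .org/.com; a real deployment would consult the
    Public Suffix List so that e.g. angryip.co.uk is handled correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def levenshtein(a, b):
    """Classic edit distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,               # delete ca
                           cur[j - 1] + 1,            # insert cb
                           prev[j - 1] + (ca != cb))) # substitute
        prev = cur
    return prev[-1]


def classify(url, watchlist=WATCHLIST, max_distance=2):
    """Return (verdict, observed_domain, impersonated_domain_or_None).

    verdicts: allow (on watchlist), lookalike (within max_distance edits),
              brand-embedded (brand name inside an unrelated domain), clean.
    """
    host = urlsplit(refang(url)).hostname or ""
    domain = registrable(host)
    if domain in watchlist:
        return ("allow", domain, None)
    for legit in watchlist:
        if levenshtein(domain, legit) <= max_distance:
            return ("lookalike", domain, legit)
        brand = legit.split(".")[0]
        if brand in domain.replace("-", ""):
            return ("brand-embedded", domain, legit)
    return ("clean", domain, None)


if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(u, "->", classify(u))
```

The edit-distance threshold of 2 catches single-character insertions, omissions and swaps like angryipo.org, which is exactly the class of domain an attacker buys for a sponsored result. Tune it per brand length: at 2 edits, a short brand such as a three-letter domain will produce false positives.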
Don't Wait for the Next Unseen Attack
Ransomware operators like Hunters International are increasingly targeting the spaces where your tools have the least insight. The browser is now the frontline attack surface, and attackers know it.
It’s time to deploy defenses that operate where the breach begins.
👉 Run a browser threat detection check now at https://scan.browser.security 👉 Or book a demo to explore how SquareX can secure your browser perimeter.
How Hunters International Used the Browser to Breach Enterprises — And Why They Didn’t See It… was originally published in SquareX Labs on Medium, where people are continuing the conversation by highlighting and responding to this story.
The post How Hunters International Used the Browser to Breach Enterprises — And Why They Didn’t See It… appeared first on Security Boulevard.
Danabot under the microscope
The 10th Security Innovators Gathering (安全创客汇) semifinal in Changsha concludes; the annual top 10 companies in both tracks announced
SAST national standard analysis: Lingmai AI (灵脉AI) fully supports the GB/T 34943/34944-2017 source code vulnerability testing specifications
CVE-2025-40634
CVE-2025-4664
Math graduate student solves an addition limit problem
DanaBot botnet disrupted, QakBot leader indicted
Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet and indicting the leaders of both the DanaBot and Qakbot Malware-as-a-Service operations. Operation Endgame 2.0 Coordinated by Europol and Eurojust, the operation was first made public a year ago, when it disrupted the global infrastructure used to deliver malware droppers and trojans – SystemBC, Bumblebee, SmokeLoader, IcedID, and Pikabot … More →
The post DanaBot botnet disrupted, QakBot leader indicted appeared first on Help Net Security.