What happened: Attackers exploit Google Tag Manager in WordPress websites to redirect users to malicious domains. Why it matters: Maliciousโฆ
News
Flaw impact: A TeleMessage communication tool vulnerability permits unauthenticated endpoint access, exposing sensitive user details. Critical risks: This flaw criticallyโฆ
What happened: Public GitHub repositories were leveraged to host the Emmenhtal loader, Amadey malware, and AsyncRAT. Multi-stage infection: The Emmenhtalโฆ
What happened: A Special Forces headquarters email containing relocation details for Afghans was sent to the wrong recipient. People impacted:โฆ
Trick Cloaking: The Hoax Tech and JS Click Cloaker intelligent cloaking solutions are used for shielding fraudulent websites. AI-powered tools:โฆ
Russia plans fines for users searching extremist content, even when using VPN services. New law proposes penalties for advertising VPNsโฆ
Prolonged access: Salt Typhoon gained extensive access to the National Guardโs internal network for nearly a year. Extended compromise: Theโฆ
Cryptocurrency theft: Octalyn Stealer aggressively targets cryptocurrency wallets like Bitcoin, Ethereum, Litecoin, and Monero. VPNs targeted: It captures VPN configurationโฆ
Operation Eastwood: Global authorities have taken down over 100 servers used for DDoS attacks on various entities. Why it matters:โฆ
EUโs 2030 roadmap proposes lawful access to encrypted data for law enforcement agencies. Experts concern for EU's plan shows howโฆ
A Blocking First: Cloudflare is the first anti-piracy internet intermediary beyond ISPs to block pirate sites. Legal Reasons: A legalโฆ
What Happened: Cameron John Wagenius pleaded guilty to extra charges in an ongoing lawsuit, including ransomware extortion. Fraud Conspiracy: DOJโฆ
What Happened: The Ukrainian BO Team claimed a successful Gaskar Group network and server infrastructure breach. Assets Impacted: The attackersโฆ
An Australian-Russian national, Simeon Boikov, was sanctioned for disseminating false information on critical topics. The individual spread misinformation targeting theโฆ
Phishing campaigns are leveraging a sophisticated method called SVG smuggling. Attackers exploit SVGs by disguising malicious JavaScript code as partโฆ
Attackers utilize advanced phishing to exploit trust in software downloads from familiar-looking websites. Security researchers flagged over 600 domains linkedโฆ
A government employee with ties to DOGE was the source of another API key data breach. Marko Elez leaked aโฆ
DragonForce listed U.S. department store chain Belk as its latest victim. The attackers reportedly accessed and exfiltrated confidential information. Belkโฆ
A Google Gemini for Workspace prompt-injection vulnerability that allows for hidden prompts. Attackers use a known technique โ zero fontโฆ
Stormous Ransomware published samples from an alleged data breach targeting North Country HealthCare. The threat actor intends to sell 500,000โฆ
Get expert insights on threats, breaches, scams, and security trends โ delivered every Saturday.
Most Popular
