In this campaign, attackers begin by directing victims through a seemingly legitimate workflow that gives the attack an air of authenticity. The initial link sends users to content hosted on googleusercontent[.]com, a trusted Google-controlled domain, which helps lower suspicion. At…
Security researchers have uncovered a long-running and highly targeted phishing operation that abuses the npm ecosystem to steal login credentials from professionals working in sensitive industries. The campaign, which has been active for several months, relies on malicious npm packages…
Security researchers are warning of active intrusion attempts targeting Fortinet FortiGate devices, following the discovery of malicious single sign-on (SSO) activity linked to recently disclosed vulnerabilities. The activity was first identified last Friday, according to a new report from Arctic…
A wave of coordinated credential-based cyberattacks has been targeting popular remote access technologies, including Palo Alto Networks GlobalProtect and Cisco SSL VPNs. According to recent findings from GreyNoise, the activity intensified in mid-December and appears to be part of a…
Cybersecurity researchers are warning about a sharp rise in attacks using a technique known as device code phishing, a method increasingly favored by both state-sponsored and criminal hacking groups. According to a new report from Proofpoint, multiple threat actors —…
Cybersecurity researchers have uncovered a sophisticated cyber-espionage campaign linked to a China-aligned threat group that used DNS poisoning to secretly infect targeted systems with advanced malware. According to security firm Kaspersky, the campaign ran quietly between November 2022 and November…
Learn how cybercriminals trick people every day—and what you can do to stay safe. Phishing scams are one of the most common and dangerous cyber threats today. They don’t rely on advanced hacking tools — they rely on human trust.…
