Flux RSS

Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key

Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts

Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group

Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing

Ghost npm campaign fakes install logs to steal sudo passwords and drop RATs that loot crypto and data

Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware

New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans

Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices

The UK’s financial regulator has issued new rules to make incident and third-party reporting clearer

ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data

The FBI wants to hear from gamers who have downloaded Steam titles containing malware

PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse

The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker

Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, been compromised to infect visitors with infostealers, warn Rapid7 researchers

BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data

Palo Alto Networks’ Unit 42 has developed a successful attack to bypass safety guardrails in popular generative AI tools

A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign

Malicious insiders are using misusing AI for nefarious gain, while employees cutting corners also creates risk, warns Mimecast

Malware campaign uses Ukrainian email service for credibility, deploying "BadPaw" to execute attacks

Cloudflare Threat Report warns that AI tools enable attackers who lacked required skills to generate effective attacks rapidly and at scale