-
New FileFix attack runs JScript while bypassing Windows MoTW alerts
A new FileFix attack allows executing malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows by exploiting how browsers handle saved HTML webpages.
- July 01, 2025
- 12:37 PM
0
-
New wave of ‘fake interviews’ use 35 npm packages to spread malware
A new wave of North Korea's 'Contagious Interview' campaign is targeting job seekers with malicious npm packages that infect dev's devices with infostealers and backdoors.
- June 25, 2025
- 03:24 PM
0
-
How Black Rifle Coffee slashed offboarding from weeks to minutes
Manual IAM processes slow down IT and introduce risk.
In this webinar, see how Black Rifle Coffee leverages automation to reduce offboarding time from weeks to minutes, save 120 hours of analyst time, and strengthen their security posture - all without adding headcount.
-
Google: Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations' Salesforce platforms.
- June 04, 2025
- 10:11 AM
- 0
-
Scattered Spider: Three things the news doesn’t tell you
Scattered Spider isn't one group — it's an identity-first threat model evolving fast. From vishing to AiTM phishing, they're exploiting MFA gaps to hijack the cloud. Watch the Push Security webinar to learn how their identity-based tactics work — and how to stop them.
- June 03, 2025
- 10:02 AM
- 0
-
Android malware Crocodilus adds fake contacts to spoof trusted callers
The latest version of the 'Crocodilus' Android malware has introduced a new mechanism that adds a fake contact on the infected device's contact list to deceive victims.
- June 03, 2025
- 05:00 AM
- 1
-
FBI warns of Luna Moth extortion attacks targeting law firms
The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks.
- May 23, 2025
- 11:26 AM
- 0
-
TikTok videos now push infostealer malware in ClickFix attacks
Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks.
- May 23, 2025
- 05:50 AM
- 1
-
3AM ransomware uses spoofed IT calls, email bombing to breach networks
A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems.
- May 21, 2025
- 01:27 PM
- 0
-
Coinbase data breach exposes customer info and government IDs
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information.
- May 15, 2025
- 09:28 AM
- 1
-
Hackers now testing ClickFix attacks against Linux targets
A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible.
- May 12, 2025
- 02:10 PM
- 0
-
Luna Moth extortion hackers pose as IT help desks to breach US firms
The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States.
- May 05, 2025
- 06:19 PM
- 0
-
YouTubers extorted via copyright strikes to spread malware
Cybercriminals are sending bogus copyright claims to YouTubers to coerce them into promoting malware and cryptocurrency miners on their videos.
- March 08, 2025
- 10:11 AM
- 1
-
GrassCall malware campaign drains crypto wallets via fake job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets.
- February 26, 2025
- 06:27 PM
- 0
-
Venture capital giant Insight Partners hit by cyberattack
New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack.
- February 18, 2025
- 03:33 PM
- 0
-
DPRK hackers dupe targets into typing PowerShell commands as admin
North Korean state actor 'Kimsuky' (aka 'Emerald Sleet' or 'Velvet Chollima') has been observed using a new tactic inspired from the now widespread ClickFix campaigns.
- February 12, 2025
- 01:56 PM
- 3
-
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network.
- January 21, 2025
- 10:59 AM
- 0
-
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack.
- October 25, 2024
- 04:55 PM
- 0
-
MoneyGram: No evidence ransomware is behind recent cyberattack
MoneyGram says there is no evidence that ransomware is behind a recent cyberattack that led to a five-day outage in September.
- October 05, 2024
- 10:16 AM
- 0
-
Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK
A new wave of QR codes has popped up across UK claiming to share a video of a boyfriend who "cheated" on a girl named Emily last night. Clickbaity or genius?
- September 20, 2024
- 10:10 AM
- 0
-
Suspects behind $230 million cryptocurrency theft arrested in Miami
Two suspects were arrested in Miami this week and charged with conspiracy to steal and launder over $230 million in cryptocurrency using crypto exchanges and mixing services.
- September 19, 2024
- 06:57 PM
- 1
0
.jpg)
