Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from…
Blog
Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that…
A new threat actor tracked as TA886 targets organizations in the United States and Germany with new custom malware to…
A campaign operated by Russian threat actors uses fake job offers to target Eastern Europeans working in the cryptocurrency industry,…
Many online stores are exposing private backups in public folders, including internal account passwords, which can be leveraged to take…
New research from NCC Group and Abnormal Security shows clouds and a bit of silver to line them: Ransomware attacks…
A new version of the Medusa DDoS (distributed denial of service) botnet, based on Mirai code, has appeared in the…
A new QBot malware campaign dubbed “QakNote” has been observed in the wild since last week, using malicious Microsoft OneNote’…
Exploit code has been released for an actively exploited zero-day vulnerability affecting Internet-exposed GoAnywhere MFT administrator consoles. GoAnywhere MFT is…
A new hacking campaign exploits Sunlogin flaws to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable…