China-linked spies backdoored authentication stack to stay hidden for years
A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected,...
20 articles
A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected,...
Google Threat Intelligence Group (GTIG) has identified a sophisticated campaign attributed to UNC6508, a People's Republic of China (PRC)-nexus threat actor,...
A financially motivated campaign dubbed “Payroll Pirate” has emerged using advanced phishing and adversary-in-the-middle (AiTM) session hijacking to bypass m...
A long-running, highly disciplined intrusion attributed to the China-nexus actor known as Velvet Ant has been revealed as a near-decade campaign of silent ac...
French officials say roughly 73,000 government accounts were affected, while the threat actor claims to have stolen messages and user data from the sovereign...
A coordinated campaign of 23 seemingly legitimate Chrome extensions tracked as “SearchJack” has quietly hijacked the default search settings of roughly 758,0...
PromptSnatcher (internal identifier: Panel 231) is a modern, stealthy data collection operation embedded inside two browser extensions that masquerade as ad‑...
A misconfigured PHP-based malware distribution platform has been exposed after a security researcher inadvertently gained administrative access via an unlock...
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider ...
A massive, coordinated network of 152 malicious Google Chrome browser extensions has been dismantled after researchers caught the operation generating fake o...
A massive, coordinated network of 152 malicious Google Chrome browser extensions has been dismantled after researchers caught the operation generating fake o...
The group's operation, dubbed Operation Highland, involved backdooring the Pluggable Authentication Modules (PAM) and OpenSSH components, which are fundament...
The lawsuit targets Outsider Enterprise, a network believed to be based in China, for allegedly using AI to impersonate Google and other brands in scam text ...
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to ...
Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and...
A notable operational pivot by the GRU-linked intrusion set APT28 (aka Fancy Bear, Sofacy, Forest Blizzard, Pawn Storm) that combines the MooBot botnet and c...
Hackers have been using typosquatting npm packages to weaponize the trust Web3 teams place in open-source dependencies, turning routine installs into a path ...
An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. T...
A suspected cyberattack targeting Tchap, the secure messaging platform used by French government agencies, has reportedly exposed sensitive data belonging to...