PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert ...
20 articles
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert ...
The intelligence agencies, comprising the UK, US, Canada, Australia, and New Zealand, detailed a sophisticated espionage campaign.
A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [.
The campaign begins with a phishing email containing an HTML attachment.
The approximately 150-day espionage campaign incrementally exfiltrated emails to cloud services.
A large-scale npm supply chain attack has compromised at least 57 packages across more than 286 malicious versions in a rapid, coordinated campaign that unfo...
North Korean Lazarus Group targets npm developers with brandjacking packages that mimic trusted tools, drop malware and put credentials at risk.
Hackers are leveraging large-scale malvertising campaigns to distribute a newly identified macOS backdoor dubbed FlutterShell, marking a significant evolutio...
Hackers are actively abusing interest in AI development tools by launching a sophisticated SEO poisoning campaign that impersonates Anthropic’s Claude Code i...
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. The post Chinese Cybercrime Grou...
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell....
A newly uncovered supply chain attack dubbed “IronWorm” is leveraging malicious npm packages to compromise developer environments, steal sensitive credential...
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Tra...
A prolonged and highly targeted espionage campaign has been uncovered involving the compromise of a senior executive’s Microsoft Outlook account at a major g...
Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in smal...
Threat actors are abusing paid search ads to push a fake ChatGPT download site, underscoring how malvertising is increasingly used to target users who trust ...
A series of targeted intrusions against cryptocurrency organizations, attributing the activity to a newly identified threat actor tracked as JINX-0164. The c...
International Operation KRATOS led by Europol dismantled illegal streaming networks, leading to 29 arrests and nine crime groups taken down.
The U.S.
Hackers are actively targeting Chrome extension developers with a sophisticated phishing campaign that impersonates official Chrome Web Store copyright enfor...