US offers $10 million reward over Russian cyber campaign targeting Signal, WhatsApp
Russia-linked hacking groups tracked as UNC5792 and UNC4221 have socially engineered their way into the messaging accounts of government officials.
20 articles
Russia-linked hacking groups tracked as UNC5792 and UNC4221 have socially engineered their way into the messaging accounts of government officials.
The campaign, dubbed "Poisoned Tenant" and discovered by Push Security, involves attackers creating fake OpenAI organizations using Gmail addresses but sendi...
The campaign, which Microsoft has not attributed to a known threat actor, uses lures referencing common hotel operational issues like guest complaints, bedbu...
The StrikeShark campaign exhibits a broad geographic reach, targeting a diplomatic organization in Indonesia, government entities in Taiwan, software develop...
Group-IB says Millenium RAT, now rewritten in C++, has hit 62,289 devices in 160+ countries
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukrain...
Microsoft shut down the StegoAd campaign, which used 119 malicious Edge extensions, hit 2.6M installs, and ran undetected for two years.
The AI-agent ecosystem experienced its largest supply-chain compromise to date when ClawHavoc detonated across ClawHub, the official skill marketplace for Op...
Ukraine’s SSU and the FBI Just Confirmed Russian Intelligence Has Been Systematically Hacking Messenger Accounts for Years. The Security Service of Ukraine (...
Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, th...
UNC1151 tracked by many as Ghostwriter or FrostyNeighbor has advanced a credential-phishing technique that uses a real-time WebSocket relay to defeat SMS and...
The U.S.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Encrypted DNS still tells an eavesdropper where to look Enc...
The Security Service of Ukraine (SSU) said it, together with the U.S.
Microsoft warns of a phishing campaign targeting the hospitality sector with fake guest emails that install TonRAT using resilient persistence. Microsoft Thr...
CL-STA-1062 employs a hybrid toolkit, combining open-source tools like SoftEther VPN, Mimikatz, and VNT with a newly discovered custom backdoor named TinyRCT.
The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recover...
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for d...
Chinese-speaking APT CL-STA-1062 targeted Southeast Asian government and energy networks open-source tools, and a new TinyRCT backdoor.