Threats

A sophisticated phishing campaign is targeting cryptocurrency investors with fraudulent emails claiming a mandatory Coinbase wallet migration requirement. These deceptive messages, bearing the subject line "Migrate to Coinbase wallet," are being distributed at a large...

A sophisticated phishing campaign is leveraging virtual hard disk (.vhd) files to distribute the dangerous VenomRAT malware. The attack begins with purchase order-themed emails containing archive attachments that, when extracted, reveal hard disk image files...

ClearFake, a malicious JavaScript framework first identified in July 2023, has evolved with sophisticated new social engineering tactics. Originally designed to display fake browser update pages, the framework has undergone significant developments, incorporating more advanced...

Cryptocurrency exchange Bybit detected unauthorized activity involving its Ethereum cold wallets, leading to a major security breach. The incident occurred during an ETH multisig transaction facilitated through Safe{Wallet}, when attackers intervened and manipulated the transaction,...

A sophisticated cybersecurity threat has emerged as threat actors have begun leveraging DLL side-loading techniques to distribute malicious Python code. This attack vector allows hackers to bypass standard security controls by exploiting the way legitimate...

A sophisticated malware campaign dubbed "DocSwap" has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. The malware leverages social engineering tactics to trick users into installing what...

Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol (RDP) sessions. The sophisticated malware has been observed in targeted...

A sophisticated new phishing campaign has been discovered that exploits Microsoft 365's legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely on lookalike domains or email...

Cloudflare has announced the first phase of end-to-end quantum readiness for its Zero Trust platform, enabling organizations to protect their corporate network traffic against future quantum computer threats.  The initiative, which builds on Cloudflare's research...

The Danish Agency for Social Security (CFCS) has issued an updated threat assessment warning of severe cyber threats targeting the nation’s telecommunications sector, signaling a heightened alert level for state-sponsored espionage.  The report, which supersedes...