New Phishing Attacks Exploit GitHub, Telegram Bots, and ASCII QR Codes
A new tax-themed malware campaign has been detected targeting the insurance and finance sectors, utilizing GitHub links in phishing emails to evade security measures and...
Firefox Zero-Day Vulnerability Exploited: Update Your Browser Immediately
Mozilla has disclosed a critical security flaw affecting Firefox and Firefox Extended Support Release (ESR), which is currently being actively exploited. The vulnerability, identified as...
Europol Dismantles Large-Scale Phishing Operation Targeting Mobile Phone Credentials
Law enforcement agencies have successfully dismantled an international criminal organization that operated a phishing platform used to unlock stolen or lost mobile phones. The phishing-as-a-service...
LinkedIn Suspends AI Data Processing in the U.K. Following Privacy Concerns Raised by ICO.
The U.K. Information Commissioner’s Office (ICO) has confirmed that LinkedIn, the professional networking platform, has paused processing user data within the U.K. for training its...
Apple Vision Pro Vulnerability Allowed Virtual Keyboard Inputs to Be Exposed to Attackers
A recently patched security flaw in Apple’s Vision Pro mixed reality headset has come to light, which, if exploited, could allow attackers to infer data...
Ivanti Issues Warning on Active Exploitation of Recently Patched Cloud Appliance Vulnerability
Ivanti has disclosed that a recently patched security vulnerability in its Cloud Service Appliance (CSA) is being actively exploited in the wild. The vulnerability, identified...
Cybercriminals Leverage HTTP Headers to Steal Credentials in Widespread Phishing Attacks
Cybersecurity researchers have raised alarms about ongoing phishing campaigns that exploit HTTP headers’ refresh entries to deliver fake email login pages aimed at stealing users’...
Next-Gen Attacks, Same Targets: Safeguarding Your Users’ Identities
FBI and CISA Issue Joint Advisory on Emerging Ransomware Threats On August 29, as part of the ongoing #StopRansomware initiative, the FBI and CISA released...
North Korean Hackers Deploy FudModule Rootkit Using Chrome Zero-Day Exploit
A recently patched security vulnerability in Google Chrome and other Chromium-based browsers was exploited as a zero-day by North Korean hackers in a campaign aimed...
The Importance of Continuous Penetration Testing: What You Need to Know
Continuous Attack Surface Penetration Testing (CASPT): An Overview Continuous Attack Surface Penetration Testing (CASPT) is a proactive security practice that focuses on the ongoing and...