Cybercriminals Leverage HTTP Headers to Steal Credentials in Widespread Phishing Attacks
Cybersecurity researchers have raised alarms about ongoing phishing campaigns that exploit HTTP headers’ refresh entries to deliver fake email login pages aimed at stealing users’...
The Importance of Continuous Penetration Testing: What You Need to Know
Continuous Attack Surface Penetration Testing (CASPT): An Overview Continuous Attack Surface Penetration Testing (CASPT) is a proactive security practice that focuses on the ongoing and...
Analyzing AD CS Vulnerabilities: Key Insights for InfoSec Professionals
The Most Dangerous Vulnerability You’ve Never Heard Of In cybersecurity, vulnerabilities are discovered so frequently and at such a rapid pace that keeping up with...
Latvian Hacker Extradited to the U.S. for Involvement in Karakurt Cybercrime Group
A 33-year-old Latvian man residing in Moscow has been charged in the U.S. for his involvement in data theft, extortion, and laundering ransom payments since...
New macOS Malware “Cthulhu Stealer” Targets Data of Apple Users
Cybersecurity researchers have discovered a new information-stealing malware targeting macOS systems, highlighting a growing focus on Apple’s operating system by threat actors. Named Cthulhu Stealer,...
Qilin Ransomware Attack Exploits VPN Credentials and Steals Chrome Data
The threat actors behind a recent Qilin ransomware attack have stolen credentials stored in Google Chrome on a select number of compromised systems. This combination...
PEAKLIGHT Downloader Used in Attacks on Windows Systems Through Malicious Movie Downloads
Cybersecurity researchers have identified a newly discovered dropper that acts as a gateway for deploying subsequent malware stages, ultimately aiming to infect Windows systems with...
Meta Uncovers Iranian Hacker Group Targeting Global Political Figures via WhatsApp
On Friday, Meta Platforms joined Microsoft, Google, and OpenAI in exposing the activities of an Iranian state-sponsored threat actor. Meta revealed that the group used...
The CISA urges federal agencies to patch the Versa Director vulnerability by September.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability affecting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of...
Iranian Hackers Unleash New BugSleep Backdoor in Cyber Attacks Across the Middle East
The Iranian nation-state group known as MuddyWater has been identified using a new backdoor in a recent attack campaign, deviating from its usual strategy of...
