⚡ Weekly Highlights from THN: Key Cybersecurity Threats, Tools, and Best Practices
The past week has brought significant developments in cybersecurity, with new threats emerging and critical vulnerabilities exposed. From attacks on widely-used business tools to hidden...
NoviSpy Spyware Found on Journalist’s Phone After Being Unlocked Using Cellebrite Tool
A Serbian journalist’s phone was unlocked using a Cellebrite tool and later infected with previously undocumented spyware named NoviSpy, according to a report by Amnesty...
DeceptionAds generates over 1 million daily impressions through 3,000 websites and fraudulent CAPTCHA pages.
Cybersecurity researchers have uncovered a previously unreported element of ClickFix-style attacks that exploit a single ad network service in a malvertising-driven campaign, referred to as...
Thai Officials Targeted in Yokai Backdoor Attack Exploiting DLL Side-Loading
Thai government officials have been targeted in a new cyber campaign that employs DLL side-loading to deploy an undocumented backdoor known as Yokai. “The threat...
Germany Takes Down BADBOX Malware on 30,000 Devices with Sinkhole Operation
Germany’s Federal Office of Information Security (BSI) has revealed the disruption of a malware campaign known as BADBOX, which was pre-installed on at least 30,000...
New Phishing Attacks Exploit GitHub, Telegram Bots, and ASCII QR Codes
A new tax-themed malware campaign has been detected targeting the insurance and finance sectors, utilizing GitHub links in phishing emails to evade security measures and...
Firefox Zero-Day Vulnerability Exploited: Update Your Browser Immediately
Mozilla has disclosed a critical security flaw affecting Firefox and Firefox Extended Support Release (ESR), which is currently being actively exploited. The vulnerability, identified as...
Europol Dismantles Large-Scale Phishing Operation Targeting Mobile Phone Credentials
Law enforcement agencies have successfully dismantled an international criminal organization that operated a phishing platform used to unlock stolen or lost mobile phones. The phishing-as-a-service...
LinkedIn Suspends AI Data Processing in the U.K. Following Privacy Concerns Raised by ICO.
The U.K. Information Commissioner’s Office (ICO) has confirmed that LinkedIn, the professional networking platform, has paused processing user data within the U.K. for training its...
Apple Vision Pro Vulnerability Allowed Virtual Keyboard Inputs to Be Exposed to Attackers
A recently patched security flaw in Apple’s Vision Pro mixed reality headset has come to light, which, if exploited, could allow attackers to infer data...
