The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Canadian telecommunications and business services firm Telus is investigating a ​cybersecurity incident involving unauthorized access to some of its ‌systems, a company spokesperson said on Thursday.

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

As promised, longstanding Japanese developer CyberConnect 2 has announced its mysterious 30th anniversary project... and it's actually a brand new .hack game! Officially titled .hack//ZERO, it's ...

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...

“There are no workarounds identified that directly mitigate the risk concerning this attack campaign,” is not what you want to read, having just been informed of a zero-day exploit concerning a Common ...

A malware, called “Sturnus,” has emerged, and it exploits Android’s accessibility features to spread on your phone even without you noticing. It gains access to your Android after being installed via ...

Balancer, a decentralized finance protocol, has been hit by a major exploit that drained more than $100 million in digital assets, according to blockchain security firms. Security researchers at ...

Earlier this year, a developer was shocked by a message that appeared on his personal phone: “Apple detected a targeted mercenary spyware attack against your iPhone.” “I was panicking,” Jay Gibson, ...