Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide
Information Security Magazine
A Quarter of UK and US Firms Suffer Data Poisoning Attacks
2 weeks 1 day ago
New IO research reveals a surge in AI attacks attempting to corrupt underlying training data
Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets
2 weeks 1 day ago
A secret-stealing worm is spreading fast across the npm ecosystem, experts have warned
Fifteen Ransomware Gangs “Retire,” Future Unclear
2 weeks 2 days ago
Fifteen ransomware groups have claimed shutdown on BreachForums; experts warn of rebrands and copycats
Gucci and Alexander McQueen Hit by Customer Data Breach
2 weeks 2 days ago
The attack, which is linked to ShinyHunters, has reportedly compromised data relating to 7.4 million unique email addresses
Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads
2 weeks 2 days ago
AI-native Villager, which automates Kali and DeepSeek penetration tests, has reached 11,000 PyPI downloads fueling dual-use threat
UK: Tax Refund-Themed Phishing Slows in 2025
2 weeks 2 days ago
Reports of email phishing attempts impersonating the UK’s HM Revenue & Customs plummeted in the first half of 2025
JLR Extends Production Halt After Cyber-Attack
2 weeks 2 days ago
Jaguar Land Rover (JLR) has confirmed that its pause in production will last until at least Wednesday, September 24
API Threats Surge to 40,000 Incidents in 1H 2025
2 weeks 2 days ago
Thales claims there were over 40,000 API incidents in the first half of 2025
FinWise Bank Warns of Insider Data Breach
2 weeks 2 days ago
An insider data breach at FinWise may have impacted 689,000 customers
HybridPetya Mimics NotPetya, Adds UEFI Compromise
2 weeks 3 days ago
HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass
SEO Poisoning Targets Chinese Users with Fake Software Sites
2 weeks 3 days ago
SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos
AI-Forged Military IDs Used in North Korean Phishing Attack
2 weeks 3 days ago
Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards
CISA at Risk After OIG Accuses it of Wasting Federal Funds
2 weeks 3 days ago
US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program
Phishing Campaigns Drop RMM Tools for Remote Access
2 weeks 3 days ago
Threat actors are using multiple lures to trick users into installing RMM tools
Attackers Adopt Novel LOTL Techniques to Evade Detection
2 weeks 6 days ago
HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious campaigns
France Warns Apple Users of New Spyware Campaign
2 weeks 6 days ago
Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency
ICO Warns of Student-Led Data Breaches in UK Schools
2 weeks 6 days ago
ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime”
CISA Launches Roadmap for the CVE Program
3 weeks ago
The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement
Fileless Malware Deploys Advanced RAT via Legitimate Tools
3 weeks ago
A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory
Checked
9 hours 20 minutes ago