New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls
Information Security Magazine
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
13 hours 21 minutes ago
The UK’s cybersecurity agency offered advice to “high-risk’ individuals” on how to protect against social engineering and cyber-attacks
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
14 hours 6 minutes ago
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
14 hours 36 minutes ago
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration
Researchers Observe Sub-One-Hour Ransomware Attacks
14 hours 36 minutes ago
Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour
Most CNI Firms Face Up to £5m in Downtime from OT Attacks
19 hours 6 minutes ago
E2e-assure says 80% of critical infrastructure providers could face millions in downtime from cyber-attacks
Google Introduces Android Dev Verification Amid Openness Debate
1 day 12 hours ago
Android requires dev identity verification for sideloaded apps; phased global rollout from September
New Venom Stealer MaaS Platform Automates Continuous Data Theft
1 day 14 hours ago
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration
Chinese Hackers Target European Governments in Espionage Campaigns
1 day 15 hours ago
Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint
Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year
1 day 18 hours ago
Most UK manufacturers compromised last year suffered financial loss, says ESET
Hackers Hijack Axios npm Package to Spread RATs
1 day 18 hours ago
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn
Maryland Man Charged Over $53m Uranium Finance Crypto Hack
2 days 12 hours ago
Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds
Phantom Project Bundles Infostealer, Crypter and RAT For Sale
2 days 13 hours ago
Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service
ChatGPT Security Issue Enabled Data Theft via Single Prompt
2 days 14 hours ago
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole
TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
2 days 15 hours ago
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs
Employee Data Breaches Surge to Seven-Year High
2 days 17 hours ago
Analysis from law firm Nockolds suggests non-cyber incidents are driving up employee data breaches
NCSC Urges Immediate Patching of F5 BIG-IP Bug
2 days 18 hours ago
The National Cyber Security Centre wants UK firms to patch CVE-2025-53521
Cybercriminals Exploit Tax Season With New Phishing Tactics
3 days 12 hours ago
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Lloyds IT Glitch Exposed Data of Nearly 500,000 Banking Customers
3 days 13 hours ago
Lloyds app glitch exposed up to 447,936 customers’ transactions and personal data during update
DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection
3 days 15 hours ago
Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials
Checked
1 hour 35 minutes ago