Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns
Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS servers
Information Security Magazine
GPU Rowhammer Attack Enables Privilege Escalation and Full System Compromise
16 hours 2 minutes ago
GPUBreach uses GPU Rowhammer on GDDR6 to flip bits, corrupt page tables and escalate to system root
GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration
17 hours 7 minutes ago
GrafanaGhost chains AI prompt injection and URL flaws to exfiltrate sensitive Grafana data
Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI
19 hours 7 minutes ago
Cryptocurrency scams alone cost victims over $7 billion, while AI-enabled fraud threats are on the rise, says FBI
Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
21 hours 5 minutes ago
Microsoft has released a new report about the Storm-1175 group and its connection to Medusa ransomware
Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited
21 hours 41 minutes ago
Fortinet has updated its FortiClient EMS product after zero-day attacks surfaced
New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
4 days 23 hours ago
A large-scale credential theft campaign targeting senior executives has been linked to a previously unknown automated phishing platform called Venom
New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
5 days 16 hours ago
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
5 days 16 hours ago
The UK’s cybersecurity agency offered advice to “high-risk’ individuals” on how to protect against social engineering and cyber-attacks
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
5 days 17 hours ago
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
5 days 18 hours ago
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration
Researchers Observe Sub-One-Hour Ransomware Attacks
5 days 18 hours ago
Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour
Most CNI Firms Face Up to £5m in Downtime from OT Attacks
5 days 22 hours ago
E2e-assure says 80% of critical infrastructure providers could face millions in downtime from cyber-attacks
Google Introduces Android Dev Verification Amid Openness Debate
6 days 16 hours ago
Android requires dev identity verification for sideloaded apps; phased global rollout from September
New Venom Stealer MaaS Platform Automates Continuous Data Theft
6 days 17 hours ago
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration
Chinese Hackers Target European Governments in Espionage Campaigns
6 days 19 hours ago
Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint
Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year
6 days 21 hours ago
Most UK manufacturers compromised last year suffered financial loss, says ESET
Hackers Hijack Axios npm Package to Spread RATs
6 days 22 hours ago
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn
Maryland Man Charged Over $53m Uranium Finance Crypto Hack
1 week ago
Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds
Phantom Project Bundles Infostealer, Crypter and RAT For Sale
1 week ago
Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service
Checked
3 hours 6 minutes ago