“Customer complaint” email scam preys on your fear of getting into trouble at work

Stop. Think. Connect. Don't let the crooks trick you into acting in haste.

FBI: Hackers Used Malicious PHP Code To Grab Credit Card Data

Don't Accidentally Hire A North Korean Hacker, FBI Warns

Researchers Find Backdoor Lurking In WP Plugin Used By Schools

Snake Keylogger Spreads Through Malicious PDFs

How To Find NPM Dependencies Vulnerable To Account Hijacking

Zero-Day Exploitation Of Atlassian Confluence

This New Linux Malware Is Almost Impossible To Detect

This Hacking Group Quietly Spied On Their Targets For 10 Years

Microsoft Exchange Servers Worldwide Hit By Stealthy New Backdoor

Sneaky Orbit Malware Backdoors Linux Devices

Servers Running Digium Phones VoIP Software Are Getting Backdoored

Industrial Control System Password Cracker May Be Bad, Actually

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a "durable persistence mechanism." That's according to a new warning from the Microsoft 365 Defender Research Team, which said that "IIS backdoors are also harder to detect since they mostly reside in the same directories as legitimate modules used by target

Discovery Of New UEFI Rootkit Exposes An Ugly Truth: The Attacks Are Invisible To Us

Malicious Npm Packages Tapped Again To Target Discord Users

China-Linked Spies Used Six Backdoors To Steal Info From Defense, Industrial Enterprise Orgs

Cisco Confirms Network Breach Via Hacked Employee Google Account

PyPi Supply Chain Attack Actors Have Been Active Since Late 2021

Lazarus Group Unleashed A MagicRAT To Spy On Energy Providers

Breach Of Software Maker Used To Backdoor As Many As 200,000 Servers

Trojanized Versions Of PuTTY Being Used To Spread Backdoor

US Considers Two More Chinese Carriers Security Threats

Cyber Attacks Against Middle East Governments Hide Malware in Windows Logo

An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom's Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks under the name Witchetty, which is also known as LookingFrog, a subgroup operating under the TA410

Steganography Alert: Backdoor Spyware Stashed In Microsoft Logo

Modified Version Of Tor Browser Spies On Chinese Users

Unpatched Zimbra Flaw Lets Hackers Backdoor Servers

Payment Terminal Malware Steals $3.3m Worth Of Credit Card Numbers

What Does The Fox Hack? Breaking Down The Anonymous Fox F-Automatical Script

State-Sponsored Hackers In China Compromise Certificate Authority

US Bans Sales Of Huawei, ZTE Tech Amid Security Fears

Want To Detect Cobalt Strike On The Network? Look To Process Memory

UK Arrests Five For Selling Dodgy Point Of Sale Software

PyTorch Dependency Poisoned With Malicious Code

Hundreds Of WordPress Sites Infected By Recently Discovered Backdoor

Hundreds Of SugarCRM Servers Infected With Critical In-The-Wild Exploit

More Malicious Packages Posted To Online Repository. This Time It's PyPI

DragonSpark Threat Actor Leverages Open Source RAT

2 Federal Agencies Hacked With Remote Monitoring

U.S. Stops Granting Export Licenses For China's Huawei

HeadCrab Malware Compromised 1,200 Redis Servers

Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto

Hear renowned cybersecurity author Andy Greenberg's thoughtful commentary about the "war on crypto" as we talk to him about his new book...

Top Android Phones From China Are Packed With Spyware, Research Finds

Australian Government Bans Chinese CCTV Tech

~11,000 Sites Have Been Infected With Malware That's Good At Avoiding Detection

Latest Attack On PyPi Users Shows Crooks Are Only Getting Better

Researchers Unearth Windows Backdoor That's Unusually Stealthy

GoDaddy Says A Multi-Year Breach Hijacked Customer Websites And Accounts

Open Source Has Its Perks, But Supply Chain Risks Can't Be Ignored

GoDaddy Blasted For Breach Response

NPM Repository Flooded With 15,000 Phishing Packages

Hackers Sat On News Corp For Two Years

Chinese Hackers Targeting European Entities with New MQsTTang Backdoor

The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing social engineering campaign that commenced in January 2023. "Unlike most of the group's malware, MQsTTang doesn't seem to be based on existing families or publicly available projects," ESET researcher Alexandre Côté Cyr said in a new report. Attack chains

PlugX RAT Masquerades As Legit Windows Debugger To Slip Past Security

TikTok Answers Three Big Cybersecurity Fears About The App

The Sketchy Plan To Build A Russian Android Phone

Advanced Malware Being Used To Backdoor Routers

Suspected Chinese Cyber Spies Target Unpatched SonicWall Devices

The UK's Bad Encryption Law Can't Withstand Global Contempt

Emotet Attempts To Sell Access After Infiltrating High Value Networks