Security News

Filter by:

The Badbox botnet is back, powered by up to a million backdoored Androids

Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort Human Security’s Satori research team says it has found a new variant of the remote-controllable Badbox malware, and as...
The Register 8 Mar 2025 2589 Views

'EncryptHub' OPSEC Failures Reveal TTPs & Big Plans

Is EncryptHub the most prolific cybercriminal in recent history? Or, as new information suggests, a bumbling amateur?
Dark Reading 7 Mar 2025 6918 Views

Microsoft says malvertising campaign impacted 1 million PCs

​Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide. [...]
Bleepingcomputer 7 Mar 2025 1167 Views

Open-source tool 'Rayhunter' helps users detect Stingray attacks

The Electronic Frontier Foundation (EFF) has released a free, open-source tool named Rayhunter that is designed to detect cell-site simulators (CSS), also known as IMSI catchers or Stingrays. [...]
Bleepingcomputer 6 Mar 2025 1443 Views

Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware

New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy malware for post-exploitation access to corporate networks.
Bleeping Computer 5 Mar 2025 1549 Views

YouTube warns of AI-generated video of its CEO used in phishing attacks

YouTube warns that scammers are using an AI-generated video featuring the company's CEO in phishing attacks to steal creators' credentials. [...]
Bleepingcomputer 5 Mar 2025 1393 Views

Phishers Wreak 'Havoc,' Disguising Attack Inside SharePoint

A complex campaign allows cyberattackers to take over Windows systems by a combining a ClickFix-style attack and sophisticated obfuscation that abuses legitimate Microsoft services.
Dark Reading 4 Mar 2025 8039 Views

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, ...
The Hacker News 28 Feb 2025 8366 Views

AI Tricksters Spin Up Fake DeepSeek Sites to Steal Crypto

The fake websites trick users into downloading and running malware that searches for personal information, especially anything related to crypto currency.
Dark Reading 26 Feb 2025 10125 Views

Beware: PayPal "New Address" feature abused to send phishing emails

An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers [...]
Bleepingcomputer 23 Feb 2025 1252 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY