Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run…
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named 'Glutton' in attacks on organizations in China and…
Crypto-stealing malware posing as a meeting app targets Web3 pros
Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows…
New Rockstar 2FA phishing service targets Microsoft 365 accounts
A new phishing-as-a-service (PhaaS) platform named 'Rockstar 2FA' has emerged, facilitating large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials.…
Thankful: How learning a new skill creates bread — and patience
In an attempt to become a useful person, I told myself at the beginning of 2024 that I would teach…
Mitigating the Risk of Cybercrime While Traveling Abroad
Global tourism is reaching pre-pandemic records and many people are eager to embark on a new adventure. Yet at the…
Brave on iOS adds new “Shred” button to wipe site-specific data
Brave Browser 1.71 for iOS introduces a new privacy-focused feature called "Shred," which allows users to easily delete site-specific mobile…
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user…
Fake AI video generators infect Windows, macOS with infostealers
Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to…
New Glove infostealer malware bypasses Chrome’s cookie encryption
New Glove Stealer information-stealing malware can bypass Google Chrome's Application-Bound (App-Bound) encryption to steal browser cookies. [...]