North Korean Lazarus hackers take aim at U.S. energy providers
The North Korean APT group 'Lazarus' (APT38) is exploiting VMWare Horizon servers to access the corporate networks of energy providers…
New Linux malware evades detection using multi-stage deployment
A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads. [...]
Dev backdoors own malware to steal data from other hackers
Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a…
Threat Actor Phishing PyPI Users Identified
"JuiceLedger" has escalated a campaign to distribute its information stealer by now going after developers who published code on the…
The Inevitability of Cloud Breaches: Tales of Real-World Cloud Attacks
While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud…
Ukraine takes down cybercrime group hitting crypto fraud victims
The National Police of Ukraine (NPU) took down a network of call centers used by a cybercrime group focused on…
How 1-Time Passcodes Became a Corporate Liability
Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some…
FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency
The U.S. Federal Bureau of Investigation (FBI) is warning investors that cyber criminals increasingly exploiting security vulnerabilities in Decentralized Finance (DeFi) platforms…
Windows malware delays coinminer install by a month to evade detection
A new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency mining malware across 11…
Twilio breach let hackers see Okta’s one-time MFA passwords
The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to from…