Microsoft Edge update adds AI-powered Scareware Blocker
Microsoft Edge 133 is now rolling out globally, and it ships with several improvements, including a new scareware blocker feature.…
Abandoned AWS Cloud Storage: A Major Cyberattack Vector
New research highlights how bad actors could abuse deleted AWS S3 buckets to create all sorts of mayhem, including a…
MikroTik botnet uses misconfigured SPF DNS records to spread malware
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and…
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in…
Malicious npm packages target Ethereum developers’ private keys
Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data.…
New DoubleClickjacking attack exploits double-clicks to hijack accounts
A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing…
New ‘OtterCookie’ malware used to backdoor devs in fake job offers
North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers.…
European Space Agency’s official store hacked to steal payment cards
European Space Agency's official web shop was hacked as it started to load a piece of JavaScript code that generates…
Malicious Rspack, Vant packages published using stolen NPM tokens
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish…
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run…