Malicious PyPi package steals Discord auth tokens from devs
A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a…
US govt says North Korea stole over $659 million in crypto last year
North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint…
Scammers file first — Get your IRS Identity Protection PIN now
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to…
New Web3 attack exploits transaction simulations to steal crypto
Threat actors are employing a new tactic called "transaction simulation spoofing" to steal crypto, with one attack successfully stealing 143.45 Ethereum,…
Cryptocurrency wallet drainers stole $494 million in 2024
Scammers stole $494 million worth of cryptocurrency in wallet drainer attacks last year that targeted more than 300,000 wallet addresses.…
Hackers steal ZAGG customers’ credit cards in third-party breach
ZAGG Inc. is informing customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a…
Too Much ‘Trust,’ Not Enough ‘Verify’
"Zero trust" doesn't mean "zero testing."
Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread…
US offers $5 million for info on North Korean IT worker farms
The U.S. State Department is offering a reward of up to $5 million for information that could help disrupt the…
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
The recently uncovered 'Bootkitty' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka 'LogoFAIL,' to…