Threat actor landscape: what every CISO must know to stay ahead

Threat actors include Scattered Spider (UNC3944), Black Basta, RansomHub, and NoEscape. TTPs comprise SIM-swapping to bypass multi-factor authentication (MFA), compromise of cloud and SaaS-based ...
Cybernews

Now you can lose your crypto by video gaming against criminals

Experts at Kaspersky have discovered that the Stealka stealer is disguised as game cracks, cheats, and mods. In addition to hijacking accounts and stealing crypto, it can also run a crypto miner on ...

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...

Over 25,000 FortiCloud SSO devices exposed to remote attacks

Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, ...
The Hacker News

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

APT28 ran a sustained phishing campaign from June 2024 to April 2025, using fake UKR.net login pages to steal credentials and ...
Decrypt

New Malware Poses as Roblox Mods to Steal Crypto Credentials

The Stealka malware is inserted into pirated mods for video games including Roblox, and can lift sensitive info from apps.
WinBuzzer

Microsoft 365 Phishing Surge: Attackers Weaponize Legitimate Device Code Flow to Bypass MFA

Cybercriminals have launched a widespread phishing campaign exploiting Microsoft's OAuth device code flow to bypass MFA and ...