UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and Cloud SQL abuse.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Have you ever tried to send a huge document by email only to get the annoying "file too large" error? Or maybe you only needed to translimit one chapter from a 200-page report, but you sent the whole ...

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.

Meta is rolling out a dedicated shopping research mode inside its Meta AI web chatbot for a slice of US desktop users. Search ...

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

Background Remission and low-disease activity are recommended targets in systemic lupus erythematosus (SLE), yet many ...