Security News

Coinbase to fix 2FA account activity entry freaking out users
2025-04-05 15:36

Coinbase is fixing an incorrect account activity message that freaks out customers and makes them think their credentials were compromised. [...]

NCSC taps influencers to make 2FA go viral
2025-03-26 11:00

Who knew social media stars had a role to play in building national cyber resilience? The world's biggest brands have benefited from influencer marketing for years – now the UK's National Cyber...

New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
2025-01-17 10:07

Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication...

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes
2025-01-15 15:48

Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via...

New Rockstar 2FA phishing service targets Microsoft 365 accounts
2024-11-29 19:01

A new phishing-as-a-service (PhaaS) platform named 'Rockstar 2FA' has emerged, facilitating large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials. [...]

Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks
2024-11-29 10:06

Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an aim to steal Microsoft 365 account credentials....

New Mamba 2FA bypass service targets Microsoft 365 accounts
2024-10-08 20:27

An emerging phishing-as-a-service (PhaaS) platform called Mamba 2FA has been observed targeting Microsoft 365 accounts in AiTM attacks using well-crafted login pages. [...]

New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram
2024-09-12 16:12

Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal of harvesting financial...

WordPress.org to require 2FA for plugin developers by October
2024-09-11 17:33

Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on their accounts. [...]

India contemplates compulsory dynamic 2FA for digital payments
2024-08-02 03:30

India's central bank on Wednesday proposed a requirement for dynamically generated second authentication factors for most digital payments. "Reserve Bank of India had mandated additional factor of authentication for all transactions undertaken using cards, prepaid instruments and mobile banking channels," explained the central bank.