Security News

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
2025-04-25 14:05

North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor...

FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
2025-04-25 09:34

The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide. [...]

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
2025-04-24 20:24

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [...]

Lazarus hackers breach six companies in watering hole attacks
2025-04-24 19:13

In a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and telecommunications sectors in South Korea. [...]

DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack
2025-04-23 17:09

Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and...

ASUS releases fix for AMI bug that lets hackers brick servers
2025-04-23 14:50

ASUS has released security updates to address CVE-2024-54085, a maximum severity flaw that could allow attackers to hijack and potentially brick servers. [...]

Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
2025-04-23 13:08

The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024....

Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
2025-04-23 10:49

Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft...

Hackers abuse Zoom remote control feature for crypto-theft attacks
2025-04-22 19:43

A hacking group dubbed 'Elusive Comet' targets cryptocurrency users in social engineering attacks that exploit Zoom's remote control feature to trick users into granting them access to their...

Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
2025-04-21 07:01

Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting...