Russia-aligned threat actors are abusing the Viber messaging platform as covert attack infrastructure, using trusted communication channels to distribute malware and evade traditional security defenses.
A new Android SMS stealer campaign is spreading across Uzbekistan, using deceptive apps to capture messages and authentication codes. The attack highlights fast-evolving mobile threats and the need for stronger device security.
Japanese organizations continue facing ransomware incidents that cause months of operational disruption. This investigative analysis explores how long-tail damage unfolds, why attackers target Japan’s supply chain ecosystem, and how companies can strengthen long-term resilience.
CISA is warning that state-linked threat actors are actively using commercial spyware and remote access trojans to hijack Signal and WhatsApp accounts, weaponize linked devices and deploy zero-click exploits. This article breaks down the campaigns, the tools involved and the specific hardening steps high-value targets should take immediately.
Federal authorities dismantled the ShinyHunters group’s Salesforce-branded extortion site, marking a major victory against cybercrime networks that traded in stolen corporate data and customer credentials.
Harrods informed loyalty program members of a data breach tied to a third-party provider. The luxury retailer is investigating and urging customer caution.
Cybercriminals are abusing fake OSINT GitHub repos to distribute PyStoreRAT, a JavaScript-based RAT that delivers diverse malware modules through deceptive open-source tools.
A WhatsApp API flaw allowed researchers to enumerate 3.5 billion accounts by abusing weak rate-limiting in the contact-discovery endpoint, exposing global phone-number mappings and public profile metadata that adversaries could weaponize for large-scale phishing, impersonation and SIM-swap attacks.
UAT-7290 threat actors are escalating cyber attacks against critical infrastructure, exploiting weaknesses in operational technology and industrial environments to disrupt essential services.
Security researchers revealed that ChatGPT’s Atlas Browser can be manipulated through hidden prompt injections, allowing attackers to hijack AI behavior, leak data, and bypass safeguards. Learn how it works and how to defend against it.