Search

Millions of people across the U.S. could have had their call records exposed and stolen with the exploitation of a now-fixed vulnerability impacting the Verizon Call Filter app that enables spam call identification and blocking for iOS users, according to SecurityWeek. Such a flaw, which ste...

COMMENTARY: The shift to cloud-based email has been a game changer for organizations worldwide, with Microsoft 365 (M365) emerging as a dominant platform for business communication. However, this widespread adoption has also made M365 an attractive target for cybercriminals, who now leverage th...

Intrusions involving the ClickFix technique have been deployed by North Korean hacking collective Lazarus Group against individuals looking to secure jobs in the cryptocurrency sector, especially in centralized finance, as part of an attack campaign that commenced last month, BleepingComputer repor...

Unmasking the identities of cybercriminals hiding behind VPN and proxy services is cat and mouse game as old as default passwords. Now, a team of university researchers from Denmark and India claim to have developed a novel technique capable of unmasking cybercriminals hiding behind VPNs, proxy ...

Attackers are making use of Windows shortcut (.lnk) files to dupe users into running malicious code on their systems. Researchers with Trend Micro’s Zero Day Initiative (ZDI) said that threat actors around the globe have been taking advantage of the Windows shell link shortcut format to execute ...

Attackers are conducting business email compromise (BEC) campaigns by exploiting the trusted infrastructure of Microsoft 365 to execute credential harvesting and account takeover (ATO). Guardz explained on March 13 that unlike traditional phishing, which relies on lookalike domains or email spoo...

More than 100 commands allowing multi-platform data compromise have been integrated into the latest version of the LightSpy surveillance tool, which was last observed to have gained additional spying capabilities for iOS, Security Affairs reports. Newly added commands focusin...

Chinese artificial intelligence platform DeepSeek has been accused by South Korea's Personal Information Protection Commission, the country's privacy watchdog, of having provided its user data with TikTok parent firm ByteDance just after the AI service was suspended by the country due to data ...

A flaw in the 7-Zip open-source file archiver tool could enable attackers to craft archives that bypass Windows security warnings, potentially tricking targets into launching malware. The vulnerability was revealed in an advisory published by Trend Micro on Sunday, which gave the flaw a high CVS...

Phishing and SEO poisoning attacks have been leveraged to distribute the new PLAYFULGHOST information-stealing malware, which is similar to the Gh0st RAT remote administration tool, The Hacker News reports. While malicious emails using code of conduct-related lures deceive targets...