New Phishing Kit Targeting US and EU Enterprises
Sep 10, 2025The Hacker NewsMalware Analysis / Enterprise Security Phishing-as-a-Service (PhaaS) platforms…
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with…
Detecting Data Leaks Before Disaster
In January 2025, cybersecurity experts at Wiz Research found that Chinese AI…
Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure
Sep 03, 2025Ravie LakshmananArtificial Intelligence / Vulnerability Threat actors are attempting to…
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou…
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it…
Learn How to Unite Dev, Sec, and Ops Teams With One Shared Playbook
Aug 29, 2025The Hacker NewsCloud Security / Generative AI Picture this: Your…
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks
The financially motivated threat actor known as Storm-0501 has been observed refining…
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
Aug 27, 2025Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft…