Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
Cybersecurity researchers have detailed a new cluster of activity where threat actors…
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a…
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
Aug 01, 2025Ravie LakshmananThreat Intelligence / Ransomware The threat actor linked to…
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
Jul 31, 2025Ravie LakshmananCyber Espionage / Network Security The Russian nation-state threat…
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
Jul 31, 2025Ravie LakshmananPhishing / Threat Intelligence Cybersecurity researchers have disclosed details…
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Jul 31, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting…
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
Jul 30, 2025Ravie LakshmananCryptocurrency / Browser Security Cybersecurity researchers are calling attention…
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Jul 30, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed now-patched…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python…