-
FBI links Signal phishing attacks to Russian intelligence services
The Federal Bureau of Investigation (FBI) has issued a public service announcement warning of large-scale phishing campaigns targeting users of encrypted messaging platforms such as Signal and WhatsApp. For the first time, these operations have been formally attributed to Russian…
-
FBI seeks victims of Steam games used to spread malware
The Federal Bureau of Investigation (FBI) is actively seeking victims who installed Steam games embedded with malware as part of an ongoing cybercrime investigation. According to a notice from the FBI’s Seattle Division, the malicious activity is believed to have…
-
Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
Threat actors are increasingly exploiting infrastructure-level DNS features to evade modern phishing detection systems. A recent campaign demonstrates how attackers are abusing reverse DNS zones under the .arpa domain together with IPv6 addressing to generate phishing URLs that bypass traditional…
-
Android gets patches for Qualcomm zero-day exploited in attacks
Google has released its latest Android security updates addressing 129 vulnerabilities, including a zero-day flaw affecting Qualcomm graphics components that is reportedly being exploited in targeted attacks. The March Android Security Bulletin highlights the ongoing importance of timely mobile patch…
-
QuickLens Chrome extension steals crypto, shows ClickFix attack
A compromised Google Chrome extension named “QuickLens – Search Screen with Google Lens” has been removed from the Chrome Web Store after it was weaponized to deliver malware, conduct cryptocurrency theft, and execute ClickFix-style social engineering attacks against thousands of…
-
CISA: Recently patched RoundCube flaws now exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two recently patched Roundcube Webmail vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that both flaws are being actively exploited in the wild. Federal agencies have been ordered to…
-
New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS
Threat actors are expanding the scope of ClickFix social engineering campaigns by leveraging DNS infrastructure to deliver malware, marking the first documented case of DNS being used as a payload delivery channel in this attack framework. The technique represents a…
-
ZeroDayRAT malware grants full access to Android, iOS devices
A newly advertised commercial mobile spyware platform known as ZeroDayRAT is being promoted within cybercriminal communities as a tool capable of delivering full remote access to compromised Android and iOS devices. Marketed via underground channels on Telegram, the malware exemplifies…
-
Exposed MongoDB instances still targeted in data extortion attacks
Exposed MongoDB instances continue to be actively targeted in automated data extortion campaigns, with attackers demanding relatively small Bitcoin ransoms in exchange for alleged data restoration. Despite years of warnings and prior large-scale incidents, misconfigured databases remain a persistent and…
Must-Read Posts
- ‘PlushDaemon’ hackers hijack software updates in supply-chain attacks
- Adidas warns of data breach after customer service provider hack
- AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
- AI in Cybersecurity: Revolutionizing Defense Against Emerging Threats
- Android gets patches for Qualcomm zero-day exploited in attacks
