Tag: attack
-
EvilTokens phishing service scales attacks 1,380% with AI integration
First seen on scworld.com Jump to article: www.scworld.com/brief/eviltokens-phishing-service-scales-attacks-1380-with-ai-integration
-
macOS attack technique bypasses endpoint security tools
First seen on scworld.com Jump to article: www.scworld.com/brief/macos-attack-technique-bypasses-endpoint-security-tools
-
Nathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months
Third DraftKings hacker gets 18 months in prison for a 2022 credential-stuffing attack that compromised 1,600 accounts and stole $600,000. Nathan Austad, the third person sentenced over the 2022 DraftKings credential-stuffing attack, received 18 months in prison. The group used usernames and passwords stolen from other breaches to access about 1,600 accounts and steal roughly…
-
Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame
Operation Endgame disrupted malware services like StealC and Amadey that enable ransomware, fraud, and attacks on critical infrastructure. Between June 15 and 19, 2026, Europol coordinated a two-week law enforcement operation involving agencies from Canada, Denmark, Germany, the Netherlands, the UK, and the US, alongside private firms like Microsoft, Bitdefender, IBM X-Force, Proofpoint, Infoblox, Shadowserver,…
-
The OT Segmentation Imperative: Why It Can’t Wait Any Longer
AI-Powered Attacks Make OT Network Segmentation a Business-Critical Control. Industrial organizations are facing faster, more sophisticated attacks than ever before. As AI further accelerates cyberattacks, OT defenders can no longer rely on perimeter security alone. This blog explores why OT network segmentation is critical for limiting lateral movement. First seen on govinfosecurity.com Jump to article:…
-
Stealthy new backdoor surfaces in attacks on multiple sectors
A relatively new backdoor called Mistic has been deployed in multiple attacks since April 2026 targeting organizations in the insurance, education, IT, and professional … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/25/mistic-backdoor-woodgnat-attacks/
-
Hacker gets 18 months for attack that compromised 60,000 betting accounts
A 21-year-old man known online as “Snoopy” was sentenced to 18 months in prison for his role in a scheme that hacked user accounts on a fantasy sports and betting … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/25/hacker-sentenced-draftkings-credential-stuffing-attac/
-
Healthcare Vendor Xsolis Reports Breach Affecting 1.4M People
Xsolis confirmed a healthcare data breach affecting nearly 1.4 million people after a phishing attack exposed health and identity data. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-xsolis-healthcare-data-breach/
-
The Four Elevations of Effective Fraud Prevention
Fraudsters don’t attack just one transaction. They target accounts, platforms, and entire ecosystems. IPQS explains the four elevations of fraud prevention and why broader visibility improves fraud detection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-four-elevations-of-effective-fraud-prevention/
-
Webinar: Why account takeovers remain one of the hardest threats to stop
Account takeover attacks continue to challenge security teams because attackers often operate through legitimate accounts and trusted services. This webinar explores how behavioral AI can help organizations identify compromised accounts faster and automate response workflows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/webinar-why-account-takeovers-remain-one-of-the-hardest-threats-to-stop/
-
Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access
New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/
-
Malicious Edge extension abuses Native Messaging as bridge to malware
A malicious Microsoft Edge extension dubbed ‘Edgecution’ has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-edge-extension-abuses-native-messaging-as-bridge-to-malware/
-
Shai-Hulud Hades Payload Hits 20 Leo/RStreams npm Packages in Fresh Supply Chain Attack
A fresh supply-chain wave by the Shai-Hulud/Hades family that infected 20 npm packages in the Leo/RStreams ecosystem, an AWS-native event streaming SDK widely used for Kinesis, Firehose, Lambda and S3-based pipelines. The malicious releases were detected shortly after publication and, while not a dramatic redesign of prior Hades/Miasma variants, demonstrate the malware family’s continued operational…
-
New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns
A new, stealthy backdoor named Mistic has been deployed as part of suspected financially motivated attacks aimed at multiple organizations spanning insurance, education, IT, and professional services sectors since April 2026. According to Symantec and Carbon Black’s Threat Hunter Team, the backdoor, also tracked as MLTBackdoor, is said to be linked to an initial access broker…
-
Major Increase in Ransomware Attacks Targeting Europe, Warns New Report
Analysis of ransomware incidents by researchers at Black Kite found that attacks have risen by over 50% in the last year, with supply chain attacks increasing First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/increase-ransomware-europe/
-
Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered
Tags: attack, breach, credentials, cybercrime, finance, fraud, infrastructure, law, malware, microsoft, network, ransomware
A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. “The main common goal was to disrupt the ‘assembly lines’ cybercriminals use to launch ransomware, financial fraud, and attacks on critical infrastructure,” Europol said in First seen…
-
UK’s cultural institutions failing on cyber security, warns PAC
The UK’s national museums and galleries have failed to heed the lessons of high-profile cyber attacks and remain highly vulnerable. The Public Accounts Committee is calling on DCMS to do more to help. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366645049/UKs-cultural-institutions-failing-on-cyber-security-warns-PAC
-
Ransomware attacks grew in 2025 as traditional data breaches fell
In a new report, Bitsight charted a massive surge in internet-exposed AI services. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-data-breaches-ai-bitsight/823649/
-
AI-Powered Phishing Attacks Surge 1,380% as Criminal Platforms Render MFA Obsolete
Imagine completing a two-factor authentication check on a real Microsoft login page and still handing a criminal full access to your email account. That is not a hypothetical. According to new research published this week by cybersecurity company Huntress, it happened across hundreds of organisations in the first four months of 2026 and the victims…
-
CISA warns of max severity Ubiquiti flaws exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquiti UniFi OS and Lantronix serial-to-ethernet servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks/
-
Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
Tags: apache, attack, control, cybersecurity, flaw, github, google, microsoft, open-source, supply-chain
Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains. The “critical exploitable pattern” has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of repositories at dozens of the largest organizations worldwide, including Microsoft, Google, Apache, and First seen…
-
Grafana Confirms TanStack npm Supply Chain Attack Led to GitHub Repository Cloning
Grafana Labs has confirmed that a recent supply chain attack involving the TanStack npm ecosystem resulted in the cloning of its internal GitHub repositories. However, it did not compromise customer production systems or the Grafana Cloud platform. This disclosure follows a thorough internal investigation completed on May 27, 2026, as well as an independent forensic…
-
Stealthy Mistic backdoor linked to ransomware access broker KongTuke
A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional services sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stealthy-mistic-backdoor-linked-to-ransomware-access-broker-kongtuke/
-
LastPass customer data exposed through Klue supply chain attack
LastPass disclosed that attackers used OAuth tokens compromised in a supply chain attack on Klue, a market intelligence platform that integrates with CRM and sales tools … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/24/lastpass-klue-data-breach-salesforce-environment/
-
Cisco Unified Communications Manager Flaw Exposes Systems to SSRF Attacks and Root Access
Cisco has disclosed a critical server-side request forgery (SSRF) vulnerability affecting its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). This vulnerability could enable unauthenticated remote attackers to write files to the underlying operating system and potentially escalate their privileges to root. Identified as CVE-2026-20230 and documented in…
-
AI Is Making Attacks Cheaper, Faster and More Covert, Says ReliaQuest
New ReliaQuest study reveals the six ways AI is practically being used in attacks today. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-attacks-cheaper-faster-covert/
-
Samsung KNOX Kernel Flaw Exposes Galaxy Devices to Memory Corruption Attacks
Samsung has addressed a critical kernel vulnerability in its KNOX security framework that puts millions of Galaxy devices at risk of memory-corruption attacks, potentially allowing full device compromise. This issue, tracked as CVE-2026-20971, was discovered by LucidBit Labs and affects a wide range of Samsung smartphones released over the past eight years, including devices from…

