Tag: threat
-
SNOW Malware Ecosystem Uses Teams Phishing, WebSocket Tunnels, and Browser Extensions
Threat actors are increasingly chaining classic phishing with collaboration platforms and covert tunneling to create highly believable intrusion paths. A recent multi-stage campaign attributed to UNC6692 exposes how adversaries combine email bombardment, Microsoft Teams impersonation, malicious browser extensions, WebSocket tunnels, and Python backdoors into a single, resilient ecosystem known as SNOW. The campaign began with…
-
SNOW Malware Ecosystem Uses Teams Phishing, WebSocket Tunnels, and Browser Extensions
Threat actors are increasingly chaining classic phishing with collaboration platforms and covert tunneling to create highly believable intrusion paths. A recent multi-stage campaign attributed to UNC6692 exposes how adversaries combine email bombardment, Microsoft Teams impersonation, malicious browser extensions, WebSocket tunnels, and Python backdoors into a single, resilient ecosystem known as SNOW. The campaign began with…
-
ESET Threat Report H1 2026: Cyberkriminelle machen bekannte Angriffe effizienter
Cyberkriminelle erfinden Angriffe nicht neu, sie machen sie effizienter. Der aktuelle ESET-Bedrohungsbericht zeigt, wie KI, QR-Code-Betrug und Angriffe auf Schutzsoftware die Bedrohungslage verändern. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/eset-threat-report-h1-2026-cyberkriminelle-machen-bekannte-angriffe-effizienter/
-
Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains.The activity dates back to at least August 2022, according to DNS threat intelligence firm Infoblox. Once such campaign, observed earlier this year, involved…
-
A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach
Accenture confirmed a breach after a hacker claimed to steal 35 GB of source code, keys, and Azure credentials now offered for sale. A threat actor using the handle >>888<>Today […] First seen on securityaffairs.com Jump to article: securityaffairs.com/194962/data-breach/a-hacker-claims-35-gb-of-accenture-source-code-the-company-discloses-the-data-breach.html
-
Hackers exploit Roundcube flaw to spy on academic researchers
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-roundcube-flaw-to-spy-on-academic-researchers/
-
Entra passkey enrollment vishing targets Microsoft 365 users
A threat actor has been targeting organizations across multiple sectors with voice-based fake security requests that ask Microsoft 365 users to enroll a new Entra passkey. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/entra-passkey-enrollment-vishing-targets-microsoft-365-users/
-
Accenture faces massive data breach that could put clients at risk
The threat actor claiming responsibility says it stole source code, encryption keys and more. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/accenture-data-breach-access-keys-source-code/824694/
-
Sophisticated threat campaign pushes Cisco to the very edge
A monthslong exploitation wave against Cisco SD-WAN systems raises larger questions about trust and the insecurity of network infrastructure. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sophisticated-threat-campaign-pushes-cisco-to-the-very-edge/824569/
-
Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools
RedWing: The Android Banking Trojan You Can Rent on Telegram for Less Than a Coffee Subscription Zimperium’s zLabs team has uncovered RedWing, an Android spyware operation sold as a subscription service through Telegram, with links to Russian threat actors and apparent roots in the Oblivion malware family. It comes with documentation, tutorial videos, a referral…
-
Threat Actors Uses Agentic AI to Rapidly Compromise Cloud Target
Sygnia report details how agentic AI accelerated weeks-long attack to just 72 hours First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/threat-actor-agentic-ai-cloud/
-
New Malicious Campaign Delivers Vidar Infostealer and Monero Crypto Miner
Cyber threat actors are infecting victims with the Vidar stealer and the XMRig cryptocurrency miner in a new malicious campaign First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-campaign-vidar-stealer-monero/
-
Accenture acknowledges security incident following 35GB data theft claim
Accenture appears to have suffered a data breach, the extent of which is currently unknown. On Monday, a threat actor going by the handle >>888<< posted on the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/07/08/accenture-data-breach-2026/
-
European Central Bank demands AI security ‘action plan’
European Central Bank gives banks deadline to outline their plans to defend against artificial intelligence-based security threats First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366645712/European-Central-Bank-demands-AI-security-action-plan
-
China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware
A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices.According to findings from Cisco Talos, UAT-7810 is an advanced persistent threat (APT) actor that’s responsible for maintaining and proliferating LapDogs, an ORB network that first came to light…
-
Anthropic Keeps Claude Fable 5 Available on Paid Plans Until July 12
Anthropic has announced an extension of access to its advanced AI model, Claude Fable 5, allowing users on all paid plans to continue using the system until July 12, 2026. This update, shared via the company’s official X account, comes as enterprises increasingly rely on generative AI models for security research, code analysis, and threat…
-
Google Dialogflow CX Flaw Lets Attackers Bypass VPC-SC and Steal Sensitive Chatbot Data
A critical vulnerability in Google Cloud’s Dialogflow CX platform allowed attackers to bypass VPC Service Controls (VPC-SC) and silently exfiltrate sensitive chatbot data, raising significant concerns about the security of enterprise AI deployments. Discovered by Varonis Threat Labs and dubbed “Rogue Agent,” the flaw exposed a serious design gap in how Dialogflow CX executes custom…
-
Accenture Data Breach Exposes 35GB Source Code and Azure DevOps Credentials
Accenture is currently investigating a potential data breach after a threat actor using the alias “888” claimed to be selling approximately 35GB of stolen data, including source code and sensitive credentials, on a cybercrime forum. This listing, posted on July 6, 2026, alleges that the breach resulted in the exfiltration of proprietary assets, including source…
-
Accenture confirms breach after hacker offers stolen data for sale
IT services giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and other data from the company. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/accenture-confirms-breach-after-hacker-offers-stolen-data-for-sale/
-
UK Govt Pairs Agentic AI Initiative With Cyber Resilience Pledge
NCSC Launches AI Research, Governance and Resilience Measures. The U.K. government unveiled an AI-driven Cyber Shield initiative alongside a Cyber Resilience Pledge signed by 60 organizations, seeking to automate vulnerability management, strengthen governance and improve national resilience as ransomware and AI-enabled threats escalate. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-govt-pairs-agentic-ai-initiative-cyber-resilience-pledge-a-32172
-
The Most Elusive Criminal Quality: Anonymity
Suspected Scattered Spider Member Reportedly Unmasked After Making Death Threat How did investigators unmask a 19-year-old suspected Scattered Spider extortionist? Amateur sleuths have highlighted Microsoft-gathered device telemetry in charging documents. But a researcher said he was quickly unmasked and tracked for years, after he sent her a death threat. First seen on govinfosecurity.com Jump to…
-
Britain plans to build autonomous AI ‘Cyber Shield’ to defend nation
The capability, called Cyber Shield, is designed to counter a threat the National Cyber Security Centre (NCSC) said could see attackers “move at machine speed and greater scale, reducing opportunities for detection and response.” First seen on therecord.media Jump to article: therecord.media/britain-plans-autonomous-ai-cyber-shield
-
Registration Now Open for International Cyber Expo 2026
Registration is now open for International Cyber Expo 2026, one of the UK’s flagship two-day cybersecurity events which set to return to Olympia London on 2930 September 2026, bringing together thousands of security professionals, technology providers and policymakers to explore the latest developments shaping the cyber landscape. With cyber threats at a peak and the…
-
Iran-linked MuddyWater espionage campaign targets organisations across four continents
A new threat intelligence report from WatchGuard is warning organisations worldwide to strengthen behavioural detection capabilities after uncovering an espionage campaign by the Iran-linked threat group MuddyWater that successfully targeted high-value organisations across four continents. The report details how the group, also known as Seedworm, targeted organisations across manufacturing, aviation, financial services, education, professional services…
-
QA: Solving Synthetic Media Challenges Before All Trust is Lost
Synthetic media has moved from technical curiosity to mainstream threat in just a few years, with deepfakes now cheap enough to produce that a free app and a handful of seconds of scraped audio can generate convincing fakes. The consequences stretch well beyond political misinformation: corporate fraud running into tens of millions of dollars, biometric…
-
Suspected Chinese Threat Group Targets Universities via Vulnerable Roundcube Servers
A suspected Chinese threat cluster is exploiting Roundcube vulnerabilities to compromise university networks in the US and Canada and harvest user credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-aligned-cluster-roundcube/
-
Suspected Chinese Threat Group Targets Universities via Vulnerable Roundcube Servers
A suspected Chinese threat cluster is exploiting Roundcube vulnerabilities to compromise university networks in the US and Canada and harvest user credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-aligned-cluster-roundcube/
-
Businesses modernizing networks for AI fear expanding attack surface, limited visibility
IT leaders are worried that security controls aren’t keeping pace with threats to AI systems. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-network-expansion-security-concerns-cisco/824581/
-
Businesses modernizing networks for AI fear expanding attack surface, limited visibility
IT leaders are worried that security controls aren’t keeping pace with threats to AI systems. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-network-expansion-security-concerns-cisco/824581/

