DPRK’s FlexibleFerret Tightens macOS Grip
The actor behind the “Contagious Interview” campaign is continuing to refine its tactics and social engineering scams to wrest credentials…
Cyber Security
Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and…
With Friends Like These: China Spies on Russian IT Orgs
State-linked hackers stayed under the radar by using a variety of commercial cloud services for command-and-control communications.
As Gen Z Enters Cybersecurity, Jury Is Out on AI’s Impact
Despite possibly supplanting some young analysts, one Gen Z cybersecurity specialist sees AI helping teach those willing to learn and…
JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers
Cybersecurity researchers are calling attention to a new campaign that’s leveraging a combination of ClickFix lures and fake adult websites…
‘JackFix’ Attack Circumvents ClickFix Mitigations
A new ClickFix variant ratchets up the psychological pressure to 100 and addresses some technical mitigations to classic ClickFix attacks.
Tool Sprawl Taxes Your Business More Than You Think
Ross Brouse has a name for what he sees every day. The Frankenstack. “The lack of operational simplicity comes from…
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corporate email data belonging…
3 SOC Challenges You Need to Solve Before 2026
2026 will mark a pivotal shift in cybersecurity. Threat actors are moving from experimenting with AI to making it their…
Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware
Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an information stealer…