OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

A fake Google security site installs a malicious PWA that steals OTPs, crypto wallets, and location data. Here’s how the ...

Iranian-affiliated cyber actors and hacktivist groups "may still conduct malicious cyber activity," according to a joint bulletin from U.S. law enforcement agencies. "Based on the current geopolitical ...

Among the many constantly evolving tactics that threat actors are using to target organizations is a new one involving emulated Linux environments to stage malware and conceal malicious activity.

A new joint assessment fact sheet by US law enforcement agencies says, that the Iran-backed proxy cyber actors and hacktivist group "may still conduct malicious cyber activity," "Based on the current ...

Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurations it can exploit, and the breadth of malicious activities it ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Two new threat modes can flip generative AI model behavior from serving your GenAI applications to attacking them, according to three security researchers. While a jailbroken GenAI model itself may ...

Longer underground channel lifespans are mirrored by sharply higher blocking rates, prompting fraudsters to explore alternatives. Modern digital messengers, like WhatsApp, Telegram, Signal and various ...