The identified infrastructure, totaling 45 domains, has also been identified as sharing some level of overlap with another ...

This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed ...

Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...

While phishing is still a serious threat that continues to grow (especially with the increase in AI-driven attacks), it's a ...

The development comes as HarfangLab linked a Belarus-aligned threat actor known as Ghostwriter (aka FrostyNeighbor or UNC1151 ...

GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.

Ephemeral accounts grant random high privileges but hinder audits, forcing SOC teams into blind incident response.

Traditional firewalls, VPNs, and public-facing IPs expose your attack surface and are no match in the AI era. It's time for a ...

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

Cloudflare mitigated a record 11.5 Tbps DDoS attack in 35 seconds, highlighting rising hyper-volumetric threats.

Four npm packages uploaded since Sep 2023 impersonate Flashbots, stealing Ethereum keys and seeds via Telegram ...

GhostRedirector compromised 65 Windows servers since Aug 2024 using Rungan and Gamshen malware, driving SEO fraud.