Cybercriminals are impersonating CrowdStrike recruiters to lure job seekers into downloading malware under the guise of job offers. Victims receive phishing emails directing them to a fake CrowdStrike website, where they are tricked into installing a malicious app that deploys XMRig, a cryptominer used to mine Monero cryptocurrency.

Read More
1 min read

The rapid growth of mobile applications has created opportunities for threat actors to exploit users, as seen in the emergence of FireScam malware targeting Android devices, cybersecurity researchers at Cyfirma report.

Read More
1 min read

SquareX, a pioneer in Browser Detection and Response (BDR) solutions, has issued a warning about OAuth-based phishing attacks targeting Chrome extension developers, exposing users to session hijacking and data theft.

Read More
1 min read

FortiGuard Labs has observed an increase in activity from two botnets, FICORA and CAPSAICIN, during late 2024.

Read More
1 min read

On December 23, 2024, CloudSEK's TRIAD team revealed critical security vulnerabilities in Postman Workspaces, with over 30,000 publicly accessible workspaces leaking sensitive data, such as API keys, access tokens, and administrator credentials.

Read More
1 min read

Cybersecurity researcher Jeremiah Fowler uncovered a 1.2TB misconfigured database from Builder.ai, exposing over 3 million records without authentication or passwords.

Read More
1 min read

The Play ransomware group has claimed responsibility for a data breach at Krispy Kreme, threatening to release sensitive internal company data within two days. Known for its double-extortion model, the group exfiltrates and encrypts data, pressuring victims to meet ransom demands or face public exposure of stolen information.

Read More
1 min read

As cryptocurrency adoption grows, so do scams targeting investors and traders. Common threats include phishing, malware, Ponzi schemes, fake wallets, and pump-and-dump frauds. Scammers exploit trust and technical vulnerabilities, often using advanced tactics like deepfakes, fake apps, and AI-generated phishing campaigns.

Read More
1 min read

The ransomware group Cicada3301 has claimed responsibility for breaching Concession Peugeot, a French automotive dealership, stealing 35GB of sensitive data, including invoices, internal communications, and passport copies.

Read More
1 min read

In 2025, certain professions face heightened cybersecurity risks due to the nature of their work. IT professionals are exposed through frequent interactions with compromised systems and malware, which attackers exploit to access larger networks.

Read More
1 min read

A significant healthcare data breach occurred when cybersecurity researcher Jeremiah Fowler uncovered an unprotected database belonging to Care1, a Canadian provider of AI-powered software for optometrists.

Read More
1 min read

The Black Basta ransomware group has refined its social engineering tactics, launching a global campaign that combines sophisticated techniques with advanced tools to breach organizations.

Read More
1 min read