-
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s device code …
-
Cybersecurity researchers have discovered a cybercrime campaign that’s using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. “The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef,” Truesec researchers Mattias Wåhlén, Nicklas Read More
-
Three federal agencies were parties to a global security advisory this week warning about the extensive threat posed by Chinese nation-state actors targeting network devices. Read More
-
The credit reporting agency said the breach was “limited to specific data elements” and didn’t include credit reports or core credit information. Read More
-
Many familiar faces made Flashpoint’s 2025 midyear ransomware report, as well as new gangs, which are increasingly using AI. Read More
-
One of the most sophisticated supply chain attacks to date caused immense amounts of data to leak to the Web in a matter of hours. Read More
-
The company said the threat actor abused its Claude Code service to “an unprecedented degree,” automating reconnaissance, intrusions, and credential harvesting. Read More
-
“ZipLine” appears to be a sophisticated and carefully planned campaign that has already affected dozens of small, medium, and large organizations across multiple industry sectors. Read More
-
In response to a cyberattack that was first detected on Sunday, the governor shut down in-person services for state offices while restoration efforts are underway. Read More
-
The Mustang Panda APT is hijacking Google Chrome browsers when they attempt to connect to new networks and redirecting them to phishing sites. Read More