Scammers have a new tactic: impersonating DOGE

The campaign targeted over 1,800 email addresses and more than 350 organizations, including colleges, universities, transit entities, and government bodies. The attackers aim to steal PII.

NTLM relay attacks are back from the dead

NTLM relay attacks can compromise domain-joined hosts without requiring password cracking. These attacks can reach Tier Zero assets, significantly increasing the risk and potential damage.

Taiwan Flags Chinese Apps Over Data Security Violations

Taiwan’s National Security Bureau (NSB) has issued a public warning following random inspections of five Chinese-developed mobile applications—TikTok, WeChat, Weibo, Baidu Cloud, and rednote—widely used by Taiwanese citizens.

Researchers Defeat Content Security Policy Protections via HTML Injection

Security researchers have demonstrated a method to bypass nonce-based Content Security Policy (CSP) protections using HTML injection, CSS-based nonce leakage, and browser cache manipulation.

China-linked hackers spoof big-name brand websites to steal shoppers' payment info

A sophisticated phishing campaign, likely operated by China-based cybercriminals, is targeting global online shoppers through thousands of fraudulent retail websites impersonating major brands.

CapCut Con: Apple Phishing & Card-Stealing Refund Ruse

Threat actors are leveraging the popularity of CapCut, a widely used video editing app, to execute a sophisticated phishing campaign aimed at stealing Apple ID credentials and credit card information.

Fake DocuSign email hides tricky phishing attempt

A sophisticated phishing campaign has been observed leveraging legitimate services such as DocuSign, Webflow, and Google to deceive users and conduct system reconnaissance.

GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations

Threat actor UAC-0226 is leveraging the evolving GIFTEDCROOK malware in an espionage campaign. Initially a browser credential stealer, GIFTEDCROOK has transformed into a robust surveillance tool targeting Ukrainian government and military entities.

Microsoft 365 'Direct Send' abused to send phishing as internal users

A phishing campaign is actively exploiting Microsoft 365's "Direct Send" feature to send spoofed internal emails and steal user credentials. Direct Send, which allows unauthenticated email sending via a tenant's smart host, is a known security risk.

MOVEit Transfer Systems Hit by Wave of Attacks Using Over 100 Unique IPs

A significant surge in scanning and exploitation activity has been observed targeting Progress Software’s MOVEit Transfer platform. Over 682 unique IP addresses have been identified in scanning operations.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags