Targeted
Threat Intelligence

OpenClaw AI agent found falling for phishing attacks, spills user data

Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics commonly used to compromise human u...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipel...

French govt messaging service breached in account hijacking attack

DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked user account to breach Tchap, the French government's encry...

NFCShare Android malware spreads via fake banking app updates on GitHub

New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub. [...]...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malw...

Fake X-VPN installer deploys STX RAT malware on unsuspecting users

An active malware distribution campaign employs a fake X-VPN installer to deploy the STX RAT in memory and steal credentials from victims. The campaign was docu...

Reducing security operations complexity with Wazuh Cloud

Security teams are increasingly overwhelmed by alert fatigue, infrastructure maintenance, and complex hybrid environments. This article explores how Wazuh Cloud...

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. [...]...

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware nam...

Norway fines largest electronics retailer $2.1M for client data violations

Norway’s Data Protection Authority (Datatilsynet) has imposed a NOK 20 million (approximately $2.1 million) administrative fine on electronics retail giant Elkj...

Microsoft Outlook leaves email connections unencrypted despite SSL/TLS setting

A server upgrade that introduced stricter email security checks has uncovered what appears to be a long-standing Outlook issue that may have caused some users t...

Brave launches minimalist Origin browser with only core privacy features

Brave has officially launched Brave Origin, a new premium version of its browser designed for users who want Brave's privacy protections without the company's g...

Credit card theft campaign abuses Stripe to host stolen payment info

A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [...]...

UN food agency discloses breach affecting 600,000 Gaza households

The United Nations' World Food Programme (WFP), the world's largest humanitarian organization, revealed over the weekend that its self-registration application ...

New IronWorm malware hits 36 packages in npm supply-chain attack

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. [...]...

Police dismantles fake ID marketplace used by migrant smugglers

French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union. [...

Researchers built AI worm that can adapt to infect diverse devices

Researchers at the University of Toronto have unveiled an AI-powered computer worm capable of autonomously adapting its attack methods as it moves through a net...

Chinese hackers use new Atlas RAT malware in European cyberattacks

A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. [...]...

U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors

The U.S. Treasury's Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran's largest cryptocurrency exchange, for facilitating pa...

The U.S. sanctions Nobitex crypto exchange used by ransomware

The U.S. Treasury's Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran's largest cryptocurrency exchange, for facilitating pa...