Latest Intelligence
Kali365 PhaaS Operation Expands Beyond Microsoft 365 to Target Okta and MAX Messenger
A new and fast-growing phishing operation is making waves in the cybersecurity world, and it is moving far beyond its original targets. Kali365, a phishing-as-a...

Gemini Voice Assistant Hijacked via Messaging Notifications
Attackers could have triggered dangerous actions, including controlling smart home devices via Google Home and starting Zoom video calls. The post Gemini Voice ...

Payouts King Ransomware Evades EDR With Obfuscation and Direct System Calls
A new ransomware group known as Payouts King has quietly been building a reputation since it first appeared in April 2025. While it spent most of last year flyi...

Police dismantles fake ID marketplace used by migrant smugglers
French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union. [...

Researchers built AI worm that can adapt to infect diverse devices
Researchers at the University of Toronto have unveiled an AI-powered computer worm capable of autonomously adapting its attack methods as it moves through a net...

China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Afr...

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Afr...

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers
A flaw in the Full Page Cache Warmer extension can be exploited without authentication via serialized PHP object payloads. The post Mirasvit Vulnerability Explo...

Hackers Actively Exploiting WordPress Plugin Vulnerability to Inject Malicious PHP Code
Hackers are actively exploiting a critical remote code execution (RCE) vulnerability in the Everest Forms Pro WordPress plugin, allowing unauthenticated attacke...

Teams and Google Drive Leveraged to Compromise Systems Within 20 Minutes
Hackers are increasingly abusing trusted enterprise platforms such as Microsoft Teams and Google Drive to deploy stealthy remote access malware, with a newly ob...

Hackers Abusing Microsoft Teams and Google Drive to Deploy Remote Access Malware
Hackers are increasingly abusing trusted enterprise platforms such as Microsoft Teams and Google Drive to deploy stealthy remote access malware, with a newly ob...

Chinese Cybercrime Group TA4922 in Spotlight for Record Campaign Pace
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. The post Chinese Cybercrime Group T...

Chinese Cybercrime Group in Spotlight for Record Campaign Pace
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. The post Chinese Cybercrime Group i...

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. A...

Cisco warns of critical Unified CM flaw with PoC exploit code
Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges....

DentaQuest data breach exposed sensitive info of 2.6 million people
DentaQuest says it is investigating a cybersecurity incident involving unauthorized access to part of its network, following the ShinyHunters extortion group's ...

Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown
Law enforcement and tech companies disrupted infrastructure linked to scammers operating across Southeast Asia. The post Over 1.4 Million Accounts Disrupted in ...

Comodo Internet Security 0-Day Vulnerability Lets Attacker Crash the User’s Windows System
An unpatched zero-day vulnerability in Comodo Internet Security’s firewall driver, Inspect.sys, after receiving no response from the vendor following mult...

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffi...

Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, ...