News • Insights • Analysis
When a suspicious email lands in your inbox promising financial rewards or urgent payment requests, the infrastructure behind that email is rarely what it appears to be. An investigation by Comparitech revealed a coordinated spam and phishing network spanning 12,704 servers in Read More …
The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for Read More …
VRChat, Inc. has filed a data breach notice revealing that the information of more than 2.4 million users was involved in a data breach. According to the notice, VRChat experienced unauthorized access to some account data between May 10 and May 12, Read More …
Short-form video platforms like TikTok and Instagram Reels have become the latest way cybercriminals spread malware. We’ve already seen attackers move away from traditional phishing emails and toward tactics that trick people into installing malware themselves. Now they’re being lured with slick Read More …
The patient tally from the Synnovis ransomware attack continues to grow two years later, with Mid and South Essex NHS Foundation Trust confirming it was caught up in the breach. The trust told The Register that the Synnovis breach affected about 2,380 records Read More …
A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday. Cybersecurity firm Check Point Read More …
WhatsApp said that it disrupted a new hacking campaign linked to NSO Group, a spyware maker that has been ensnared in countless cases of abuse all over the world. The messaging app maker accused NSO of violating an earlier court order that bars Read More …
Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code. Many of the affected projects relate to Microsoft’s cloud Read More …
While tracking the activities of 4BID Kaspersky researchers uncovered a new string of campaigns that appear to be the work of several interconnected actors. While politically motivated groups generally limit their scope to specific nations – for 4BID and its peers, Read More …
From January through May 2026, Mandiant identified a financially motivated data theft extortion campaign executed by the threat cluster UNC3753 (also tracked as “Luna Moth,” “Chatty Spider,” and “Silent Ransom Group”) targeting dozens of organizations across professional, legal, and financial Read More …
