Cobalt Strike Beacon delivered via GitHub and social media

n the latter half of 2024, the Russian IT industry, alongside a number of entities in other countries, experienced a notable cyberattack. The attackers employed a range of malicious techniques to trick security systems and remain undetected. To bypass detection, Read More …

Digital Compliance Alert: UK Online Safety Act and EU Digital Services Act Cross-Border Impact Analysis

As of July 25, 2025, all sites and apps that allow pornography will need to have strong age checks in place, to make sure children can’t access that or other harmful content. This represents the most significant change to how Read More …

Australia mandates age verification on major platforms, threatens $50M fines

Australia is implementing comprehensive internet age verification and ID check requirements as part of a major overhaul of online safety regulation. By December 27, 2025, major platforms including Google and Microsoft must implement age verification checks on their search engines Read More …

US Army soldier pleads guilty to hacking telcos and extortion

Former U.S. Army soldier Cameron John Wagenius pleaded guilty to hacking telecommunication companies and attempting to extort them by threatening to release stolen files, the Department of Justice announced on Tuesday. According to the DOJ, Wagenius, who went online with Read More …

‘Pig butchering’ scams have stolen billions from people around the world.

At the beginning of 2025, panic about fraud and human trafficking erupted on Chinese social media. It started when a Chinese actor called Wang Xing was tricked into travelling to Thailand for an audition, where he was abducted by criminals Read More …

FBI: Fraudsters Target US Stock Investors through Investment Clubs Accessed on Social Media and Messaging Applications

The FBI warns the public about criminals targeting US stock investors through social media platforms and messaging service applications (apps). The scheme, known as a “ramp-and-dump” stock manipulation, targets US investors through online engagement, often via social media advertisements or Read More …

Fortinet Flaws Exploited by Qilin Ransomware

Fortinet was recently found to have certain vulnerabilities that hackers like the Qilin group exploited. Here’s how they manipulated these weaknesses: Misconfigurations in security appliances provided a direct entry point for Qilin.Outdated Software: Failure to update Fortinet software allowed the Read More …

FBI probes effort to impersonate White House chief of staff Susie Wiles

One or more unknown people accessed White House chief of staff Susie Wiles’ personal cellphone and used her contacts file to reach out to other top officials and impersonate her, sources told CBS News Thursday. Some of the recipients realized Read More …

Zanubis in motion: Tracing the active evolution of the Android banking malware

Zanubis is a banking Trojan for Android that emerged in mid-2022. Since its inception, it has targeted banks and financial entities in Peru, before expanding its objectives to virtual cards and crypto wallets. The main infection vector of Zanubis is Read More …

Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. But the new discovery of a massive trove of 184 million records—including Apple, Read More …