Bogus Avast website fakes virus scan, installs Venom Stealer instead

A fake website impersonating Avast antivirus is tricking people into infecting their own computers. The site looks legitimate, runs what appears to be a virus scan, and claims your system is full of threats. But the results are fake: when Read More …

Commission investigates cyberattack targeting EU websites

The European Commission has announced that it is investigating a cyber attack that took place on Tuesday, targeting its cloud infrastructure hosting the ‘europa.eu’ websites and leading to a data leak. “Early findings of our ongoing investigation suggest that data Read More …

Iranian hackers allegedly breached FBI Director Patel’s personal emails

Hackers breached FBI Director Kash Patel’s personal email, according to sources familiar with the situation. The majority of the emails were from prior to 2019, according to sources, and appear to be from before his tenure at the FBI. There Read More …

Infiniti Stealer: A new macOS infostealer using ClickFix and Python/Nuitka

A previously undocumented macOS infostealer has surfaced during our routine threat hunting. Malwarebytes Labs researchers initially tracked it as NukeChain, but shortly before publication, the malware’s operator panel became publicly visible, revealing its real name: Infiniti Stealer. This malware is Read More …

Millions possibly affected by data breach at dermatology giant QualDerm

Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people. The company is now notifying affected individuals by mail, noting in a breach notification Read More …

AI Drives Cyber Attacks That Unfold in Minutes

Artificial intelligence is speeding up timelines for cyber attacks, a new report has found, creating what the authors call a widening “cybersecurity speed gap” between bad actors and defense efforts. The report from Booz Allen Hamilton, published this month, shows Read More …

Russian initial access broker who fed ransomware crews gets 81 months in US prison

A Russian national who sold the keys to corporate networks faces nearly seven years in a US prison after prosecutors tied his handiwork to a string of ransomware attacks costing victims millions of dollars. Aleksei Volkov, 26, was sentenced to Read More …

Google Authenticator: The Hidden Mechanisms of Passwordless Authentication

Passwordless authentication is often presented as the end of account takeover. But to understand the real threat landscape, we need to examine how passwordless is actually deployed in the real world. Attackers do not break protocols in theory. They target Read More …

Trio-Tech International hit by ransomware attack

Trio-Tech International initially shrugged off a ransomware attack at a Singapore subsidiary as immaterial, only to reverse course days later after discovering stolen data had been disclosed. The California-based semiconductor testing and burn-in services outfit said it detected a ransomware Read More …