269 article(s)
After a $186 million crypto heist, the FTC demands Nomad compensate victims and overhaul security, highlighting a saga of ignored warnings and industry-wide lessons.
APT28, Russia’s notorious Fancy Bear hacking group, is targeting Ukrainian UKR.net users with a sophisticated phishing campaign. Using fake login pages, anonymized tunneling, and relentless tactics, the group continues its cyber-espionage operations amid the ongoing war.
A sophisticated attack campaign exploited compromised AWS IAM credentials to deploy large-scale crypto mining operations, leveraging advanced persistence and anti-remediation tactics to evade detection and maximize cloud resource abuse.
SantaStealer, a new info-stealer malware-as-a-service, is targeting credentials, documents, and crypto wallets, but operational blunders are making it easier for defenders to detect and counteract. Our feature unpacks the campaign’s methods, risks, and what you need to know to stay safe.
A third member of the DraftKings hacking ring has pleaded guilty to a credential stuffing scheme that compromised over 60,000 betting accounts and netted $600,000. The case highlights the dangers of password reuse and the persistence of credential-based attacks.
The JSCEAL malware campaign is infiltrating Windows systems under the guise of cryptocurrency apps, using advanced scripting and stealth tactics to steal sensitive financial data. Learn how this evolving threat operates and what it means for online security.
A Netcrook investigation uncovers how thousands of Docker Hub images are leaking AI, cloud, and database credentials—giving attackers direct access to production systems across major industries.
A new wave of JSCEAL infostealer attacks is quietly targeting Windows users in the cryptocurrency sector. Discover how this malware is evolving, the tricks it uses to evade detection, and why defenders must adapt to stay ahead.
A new generation of phishing kits is arming cybercriminals with AI-driven automation and MFA bypass tools, enabling mass credential theft and targeting major brands and European banks. Discover how these kits work and what defenders must do to keep up.
Over 10,000 Docker Hub images have leaked sensitive credentials from more than 100 companies, including industry giants. This feature investigates how a simple developer mistake—and shadow IT—can unlock entire corporate environments for attackers.