A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...

What Is An Advanced Persistent Threat (APT)? Advanced persistent threats (APTs) are a type of cyber attack that is designed to gain unauthorized access to a network or system and maintain a presence ...

Researchers have observed attackers weaponizing OAuth apps Attackers gain access that persists even through password changes and MFA This isn't just a proof of concept - it's been observed in the wild ...

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...

A new malware family named WarmCookie, also known as BadSpace, has been actively distributed through malspam and malvertising campaigns since April 2024. According to a blog post from Cisco Talos ...

Cybercriminals and spies working for nation-states are surreptitiously coexisting inside compromised name-brand routers as they use the devices to disguise attacks motivated both by financial gain and ...

Attackers could exploit two key authentication cookies used by Azure Entra ID to bypass MFA and hijack legitimate user sessions — thus gaining persistent access to Entra ID-protected resources in ...

The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent ...

An advanced persistent threat (APT) group, Flax Typhoon, was able to gain persistent access to the mapping tool ArcGIS for over a year, putting several enterprises at risk. ArcGIS is a geospatial ...

Agentic AI is on the rise: By 2028, 33% of enterprise software will include agentic AI, enabling autonomous decision-making and task execution across digital environments. Traditional access controls ...

A Chinese APT group has compromised a Philippines-based military firm using a novel, sophisticated fileless malware framework dubbed “EggStreme”, Bitdefender researchers have warned. The multi-stage ...