HUB access

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that’s written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem. The malware, which is designed to

Citește mai departe

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly put to use by a financially motivated threat actor named Hive0163. “Although still relatively unspectacular, AI-generated malware such as Slopoly shows how easily threat actors can

Citește mai departe

How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs

Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking authentication flows, and encrypted traffic that conceals malicious behavior from traditional detection

Citește mai departe

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall into that uncomfortable category of “yeah… this is probably going to

Citește mai departe

Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload

The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to

Citește mai departe

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after it was found to be used as part of the Coruna exploit kit. The vulnerability, tracked as CVE-2023-43010, relates to an

Citește mai departe

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, TaxiSpy RAT, BeatBanker, Mirax, and Oblivion RAT

Citește mai departe

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68613 (CVSS score: 9.9), concerns a

Citește mai departe