The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims it hacked the Russian aerospace and defense company Tupolev, which develops Russia’s supersonic strategic bombers. […]
BidenCash carding market domains seized in international operation
Earlier today, law enforcement seized multiple domains of BidenCash, the infamous dark web market for stolen credit cards, personal information, and SSH access. […]
FBI warns of NFT airdrop scams targeting Hedera Hashgraph wallets
The FBI is warning about a new scam where cybercriminals exploit NFT airdrops on the Hedera Hashgraph network to steal crypto from cryptocurrency wallets. […]
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice phishing (aka vishing) campaigns designed to breach organizations’ Salesforce instances for large-scale data theft and subsequent extortion.
The tech giant’s threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with
The tech giant’s threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with
Media giant Lee Enterprises says data breach affects 39,000 people
Publishing giant Lee Enterprises is notifying over 39,000 people whose personal information was stolen in a February 2025 ransomware attack. […]
Google: Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organization’s Salesforce platforms. […]
Kerberos AS-REP roasting attacks: What you need to know
Think your passwords are strong enough? AS-REP Roasting is back in the spotlight — and it’s targeting weak spots in Active Directory. Learn more from Specops Software how attackers exploit missing Kerberos pre-auth and how to stop them with strong password policies. […]
Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers
A financially motivated threat actor employing vishing to compromise Salesforce customers, and extort them.
The post Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers appeared first on SecurityWeek.
Going Into the Deep End: Social Engineering and the AI Flood
AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind.
The post Going Into the Deep End: Social Engineering and the AI Flood appeared first on SecurityWeek.
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems.
According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments.
“Chaos RAT is an open-source RAT written in
According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments.
“Chaos RAT is an open-source RAT written in