Security News

Filter by:

Phishers Wreak 'Havoc,' Disguising Attack Inside SharePoint

A complex campaign allows cyberattackers to take over Windows systems by a combining a ClickFix-style attack and sophisticated obfuscation that abuses legitimate Microsoft services.
Dark Reading 4 Mar 2025 11571 Views

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, ...
The Hacker News 28 Feb 2025 10637 Views

AI Tricksters Spin Up Fake DeepSeek Sites to Steal Crypto

The fake websites trick users into downloading and running malware that searches for personal information, especially anything related to crypto currency.
Dark Reading 26 Feb 2025 12403 Views

Beware: PayPal "New Address" feature abused to send phishing emails

An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers [...]
Bleepingcomputer 23 Feb 2025 1309 Views

Apiiro unveils free scanner to detect malicious code merges

Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb supply chain attacks. [...]
Bleepingcomputer 21 Feb 2025 1287 Views

Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the...
The Hacker News 20 Feb 2025 11642 Views

New FrigidStealer infostealer infects Macs via fake browser updates

The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. [...]
Bleepingcomputer 20 Feb 2025 1174 Views

Xerox Printer Vulnerabilities Enable Credential Capture

Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.
Dark Reading 19 Feb 2025 1242 Views

Microsoft spots XCSSET macOS malware variant used for crypto theft

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app. [...]
Bleepingcomputer 18 Feb 2025 1334 Views

Google Chrome's AI-powered security feature rolls out to everyone

Google Chrome has updated the existing "Enhanced protection" feature with AI to offer "real-time" protection against dangerous websites, downloads and extensions.
Bleeping Computer 17 Feb 2025 1414 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY