Threats

1194 articles

LofyLife: malicious packages in npm repository

Four malicious packages in npm repository

New malicious campaign hunts for Discord tokens and credit card information via infected npm packages.

CosmicStrand rootkit hides in the UEFI firmware

CosmicStrand: a UEFI rootkit

Our experts discovered a fresh version of CosmicStrand, a rootkit that hides from researchers in the UEFI firmware.

Sky Mavis robbed of $540 million in spyware attack

A half-a-billion-dollar crypto heist

We review a major cryptocurrency theft using spyware inside a PDF.

New ransomware: a cross-platform future

The new Luna and Black Basta ransomware strains are capable of attacking Windows, Linux and VMware ESXi.

Raining bitcoin: Fake Nvidia giveaway

How scammers swindle users out of cryptocurrency through a fake Nvidia giveaway supposedly worth 50,000 BTC.

avorable exchange rate on a fake cryptoexchange

Hyped-up fake crypto-exchanges on YouTube

How scammers lure YouTube users to a fake website where a purported bug lets them exchange Bitcoin at an excellent rate.

Phishing QR-code attack on QQ users

How scammers hijacked QQ accounts in a phishing QR-code attack.

“Package for you. Please scan the QR code”

How cybercriminals extract bank card details pretending to be DHL.

If your internet connection is slow, one reason could be router malware. We explain how routers get infected and how to guard against attacks

The hidden threats of router malware

Malware can infect your router, slow down the internet connection and steal data. We explain how to protect your Wi-Fi.

Hacking a powered-off iPhone: vulnerabilities never sleep

Can a device be hacked when switched off? Recent studies suggest so. Let’s see how this is even possible.

How phishers prey on Wise / TransferWise users

Phishing for Wise guys

Here’s how phishers extract phone numbers and credentials from users of Wise.

CVE-2022-30190 aka Follina, a recently found vulnerability in the Windows Support Diagnostic Tool (MSDT), can be exploited via office documents.

Follina: office documents as an entrance

New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.

Third-party apps for Tesla, Nissan, Renault and other connected cars require access to an account with the manufacturer — that’s a security risk

Automotive apps: who gets your car keys?

Most third-party apps for connected cars require access to your account with the manufacturer. But are they secure?

Cryptoscam giveaway: phishers go after seed phrases

We explain how scammers steal cryptowallets through phishing.

We explain how phishers swindle Wells Fargo customers out of credentials, passwords, card details and selfies with ID card

Bank phishing and identity theft

We explain how phishers are swindling Wells Fargo customers out of personal credentials, passwords, card details, and selfies with an ID card.

Time to update Windows! Microsoft released patches for several dozen of vulnerabilities, including CVE-2022-26925 that is being actively exploited by cybercriminals.

Actively exploited vulnerability in Windows

Time to update Windows! Microsoft has released patches for several dozen vulnerabilities, one of which cybercriminals are actively exploiting.

Meet the Trojan subscribers hungry to sign you up

We explain how Android users fall victim to Trojan subscribers Jocker, MobOk, Vesub and GriftHorse.

What is a browser-in-the-browser (BitB) attack

Browser-in-the-browser attack: a new phishing technique

We explain a new sneaky technique for stealing passwords, and how to avoid being tricked by a phishing site.

Lazarus backdoor in DeFi wallet

The Lazarus group continues to prey on cryptocurrency: cybercriminals distribute DeFi wallets with built-in backdoor.

Malware in e-mail on the rise

Malicious spam campaign targeting organizations grows 10-fold in a month, spreads Qbot and Emotet malware.

128 vulnerabilities in Microsoft products

A bunch of vulnerabilities in Windows, one already exploited

Microsoft patches 128 vulnerabilities in a list of products, including Windows and its components.

Free Tools