Woodgnat Hackers Use Mistic RAT to Broker Access for Ransomware Gangs
Woodgnat Hackers use Backdoor.Mistic, a stealthy RAT, to let brokers compromise networks and sell entry points to ransomware groups, putting firms at risk.
macOS Flaw Allowed Standard Users to Disable CrowdStrike and Kandji Security Tools
A macOS XPC flaw let regular users disable CrowdStrike and Kandji tools, exposing security gaps that vendors patched after XM Cyber reported the security issue.
Fake GTA 6 Early Access Websites Target Gamers with Malware and Crypto Scams
GTA 6 scams are luring fans with fake early access, crypto payments and malware downloads. Learn why PC and Android gamers face the biggest risks online today.
Suspected Cyberattack Sends Fake Emergency Alert to Phones Across Brazil
Brazil’s alert system was taken offline after a fake emergency alert reached phones, with officials investigating a suspected cyberattack and security failure.
New GhostShell Hacking Group Targets Ukraine’s Drone Defense Sector
Researchers warn GhostShell is using fake drone documents to target Ukrainian defence teams, stealing passwords and sensitive data in a new cyber campaign.
Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords
JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route.
‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking
Novee Security reveals Cordyceps, a CI/CD vulnerability in GitHub Actions workflows that let anonymous users poison builds and expose tokens across major projects today.
New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto
Microsoft researchers warn of a new dual-action cryptocurrency clipper (CryptoBandits Malware) spreading through USB devices to alter wallet addresses and steal crypto assets.
2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack
Two teenagers face sentencing after admitting to a massive Scattered Spider cyberattack that hit Transport for London (TfL) and US healthcare networks.
Beats Studio Buds Flaw Could Let Nearby Attackers Eavesdrop on Users
Apple has released a security update to patch a Beats Studio Buds flaw that let nearby hackers listen to conversations through the microphone.