New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor
Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control.
US Government Begins $200M Payouts to Backpage Trafficking Victims
The US DOJ has announced the largest-ever compensation process for human trafficking victims of Backpage. Learn about the $200M fund, who is eligible, and the steps to file a petition before the February 2, 2026, deadline. This comes years after the site's seizure, as previously reported by Hackread.com.
OnlyFans, Discord ClickFix-Themed Pages Spread Epsilon Red Ransomware
Beware of Epsilon Red ransomware as attackers impersonate Discord, Twitch and OnlyFans using fake verification pages with .HTA files and ActiveX to spread malware.
Browser Extensions Can Exploit ChatGPT, Gemini in ‘Man in the Prompt’ Attack
Man in the Prompt attack shows how browser extensions can exploit ChatGPT, Gemini and other AI tools to steal data or inject hidden prompts.
SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed
watchTowr's latest research details critical SonicWall SMA100 flaws (CVE-2025-40596, 40597, 40598). Discover how pre-auth stack/heap overflows and XSS put SSL-VPNs at risk. Patch now!
TrickBot Behind More Than $724 Million in Crypto Theft and Extortion
Akamai's latest Ransomware Report 2025 reveals "quadruple extortion," new AI-driven tactics by groups like Black Basta, FunkSec, and TrickBot, and growing threats to non-profits. Learn about evolving cyber threats.
Allianz Life Data Breach Hits 1.4 Million Customers
Allianz Life Insurance confirms a July 2025 data breach impacting 1.4 million customers, financial pros and employees. Learn how social engineering exploited a third-party CRM, the hallmarks of Scattered Spider tactics, and the broader risks of supply chain vulnerabilities.
SAP NetWeaver Vulnerability Used in Auto-Color Malware Attack on US Firm
Darktrace uncovers the first exploit of a critical SAP NetWeaver vulnerability (CVE-2025-31324) to deploy Auto-Color backdoor malware. Learn how this evasive Linux RAT targets systems for remote code execution and how AI-powered defence thwarts multi-stage attacks.
How Scattered Spider Used Fake Calls to Breach Clorox via Cognizant
Specops Software's analysis reveals how Scattered Spider's persistent help desk exploitation cost Clorox $400 million. Understand the August 2023 breach, its operational disruption, and critical steps organisations must take to protect against similar social engineering threats.
Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google
A new report from Google's GTIG reveals how UNC3944 (0ktapus) uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps.