-
"FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities"New research shows that the "FakeCall" Android banking trojan, also known as "Fakecalls," has grown more sophisticated in evasion and espionage.
-
"Malware Operators Use Copyright Notices to Lure in Businesses"Cisco Talos researchers have observed threat actors using copyright infringement claims to trick targets and deploy infostealers.
-
"Colorado Accidentally Put Voting System Passwords Online, but Officials Say Election Is Secure"Colorado state election officials recently announced that voting system passwords were mistakenly put on the Colorado Secretary of State's website for several months before being spotted and taken down.
-
"Microsoft: Chinese Hackers Use Qaud7 Botnet to Steal Credentials"Microsoft warns that Chinese threat actors are using the "Quad7" botnet, built with hacked Small Office/Home Office (SOHO) routers, to steal credentials in password-spray attacks.
-
"Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days"Sophos has detailed a years-long battle with Chinese government-backed hacking teams and admitted to using its own custom implants to track the hackers' tools, movements, and tactics.
-
"New Xiu Gou Phishing Kit Targets US, Other Countries with Mascot"Since at least September 2024, users in the US, UK, Spain, Australia, and Japan have been targeted by a new phishing kit named "Xiu Gou," which was designed to deploy phishing attacks globally.
-
"Hackers Target Critical Zero-Day Vulnerability in PTZ Cameras"Hackers are targeting two zero-day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras used in industrial, healthcare, government, and courtroom settings.
-
"New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics"According to researchers at ThreatFabric, "LightSpy," an Apple iOS spyware, now has an improved version with destructive capabilities to prevent the compromised device from booting up.
-
"Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware"Researchers at Bitdefender Labs have discovered a malvertising campaign that abuses Meta's advertising platform and hijacks Facebook accounts to distribute the "SYS01stealer" infostealer.
-
"Hackers Steal 15,000 Cloud Credentials From Exposed Git Config Files"An operation named "EmeraldWhale" has led to the theft of over 15,000 cloud account credentials from thousands of private repositories by scanning for exposed Git configuration files.
-
"Canadian Government Data Stolen By Chinese Hackers"According to the Canadian Centre for Cyber Security's 2025-2026 "National Cyber Threat Assessment," Chinese state-sponsored threat actors have maintained access to at least 20 Canadian government networks for four years to steal valuable data.
-
"Over a Thousand Online Shops Hacked to Show Fake Product Listings"Since 2019, a phishing campaign named "Phish n' Ships" has infected over 1,000 legitimate online stores to promote fake product listings for rare items.
News