Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid detection. Microsoft security researchers recently observed web skimming campaigns... Read more »

Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malwre will become... Read more »

Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. Researchers from SEKOIA.IO Threat & Detection Research (TDR) team... Read more »

Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat... Read more »

A security researcher announced the discovery of an unpatched flaw in PayPal that could allow attackers to steal money from users. TheHackerNews first reported that a security researcher (that... Read more »

Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting... Read more »

Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon. Researchers from threat intelligence firm Cyble uncovered a malware... Read more »

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to... Read more »

North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers. North Korea-linked group Lazarus is exploiting the Log4J RCE vulnerability... Read more »