Автор: Elizabeth Montalbano, Contributing Writer

Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.

The evolving malware is targeting hospitality and other B2C workers in Canada and Europe with capabilities that can evade Android 13 security restrictions.

The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks

The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.

The prolific ransomware group has shifted away from phishing as the method of entry into corporate networks, and is now using initial access brokers as well as its own tools to optimize its most recent attacks.

A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer.

A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years.

An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.