Category Security

Feb 13, 2025Ravie LakshmananWeb Security / Cloud Security A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud. “The…

The US Coast Guard has been urged to improve the cybersecurity infrastructure of the Maritime Transportation System (MTS), which includes ports, waterways, and vessels essential for transporting over $5.4 trillion worth of goods annually. The Government Accountability Office (GAO) has…

Losses to romance baiting, or pig butchering, scams increased 40% year-on-year (YoY) in 2024 to comprise a third of total crypto fraud revenue, according to Chainalysis. A day before Valentine’s Day, the blockchain analytics company revealed the darker side of…

Feb 13, 2025Ravie LakshmananUnited States A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to…

A sophisticated new phishing tool dubbed “Astaroth” has emerged on cybercrime platforms, boasting advanced methods to bypass two-factor authentication (2FA). First advertised in January 2025, the kit employs session hijacking and real-time credential interception to compromise accounts on Gmail, Yahoo,…

Feb 13, 2025The Hacker NewsApplication Security / DevOps Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without…

A 48-year-old woman from Arizona has pleaded guilty to charges related to a criminal scheme which saw North Korean IT workers employed remotely by hundreds of US companies. Christian Marie Chapman, of Litchfield Park, Arizona, is said to have helped…

Researchers have uncovered a highly sophisticated North Korean campaign to covertly distribute crypto-stealing malware via open source components. SecurityScorecard said in a blog post published this morning that it suspects the infamous Lazarus Group of being behind the live campaign,…

Feb 13, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected…

The story of how hackers managed to compromise the US Government’s official SEC Twitter account to boost the price of Bitcoins, AI isn’t helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware? All…