Attacks

Tracer AI combats fraud, counterfeits and narrative attacks in ChatGPT – Help Net Security

Tracer AI launched Tracer Protect for ChatGPT, a solution that protects brands from the reputational harm being propagated at machine scale via AI chatbots by bad actors. The rising popularity of generative AI (genAI) engines is driving the urgent and rapidly evolving brand security threat vector faced by enterprises. Tracer Protect for ChatGPT actively monitors…

FBI Warns of Scattered Spider’s Expanding Attacks on Airlines Using Social Engineering

ellonjohns4 weeks ago013 mins

The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, the agency said it’s actively working with aviation and industry partners to combat the activity and help victims. “These actors rely on social engineering…

20 Top-Level Domain Names Abused by Hackers in Phishing Attacks

ellonjohns2 months ago010 mins

Phishing attackers abuse TLDs like .li, .es, and .dev to hide redirects, steal credentials, and bypass detection. See top domains flagged by ANY.RUN in 2025. Some phishing sites don’t need fancy tricks, just the right domain name. And you won’t always spot it until it’s too late. Hackers have become masters at abusing certain Top-Level…

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

ellonjohns2 months ago09 mins

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. “Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain…

15 of the Biggest Ransomware Attacks in History | Informa TechTarget

ellonjohns3 months ago021 mins

Ransomware has become a favorite attack strategy for bad actors, with reports labeling it the most effective way for cybercriminals to monetize illegal access into networks. News of ransomware attacks appears daily. More troubling still are predictions that ransomware gangs are becoming more adept at using AI, and well-funded ones could soon use agentic…

TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks

ellonjohns3 months ago033 mins

In this blogpost, ESET researchers provide an analysis of Spellbinder, a lateral movement tool for performing adversary-in-the-middle attacks, used by the China-aligned threat actor that we have named TheWizards. Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and redirecting the traffic of…

Attacks on the education sector are surging: How can cyber-defenders respond?

ellonjohns3 months ago012 mins

Academic institutions have a unique set of characteristics that makes them attractive to bad actors. What’s the right antidote to cyber-risk? 14 Apr 2025 • , 5 min. read We all want the best possible education for our children. But even the best-laid plans can come unstuck when confronted with an agile, persistent and devious…

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

ellonjohns4 months ago036 mins

Mar 17, 2025Ravie LakshmananCybersecurity / Hacking News From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats…

Incident response for web application attacks | TechTarget

ellonjohns5 months ago017 mins

As long as web application attacks are successful, malicious actors will continue to target them. Even with strong security programs, organizations will fall victim to such attacks. To come out the other side as unscathed as possible, it is important for organizations to have a web application incident response plan in place. Incident response…

How New AI Agents Will Transform Credential Stuffing Attacks

ellonjohns5 months ago017 mins

Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen…

Highlights

I don’t think foldables will become mainstream until this one thing changes

Apple iOS 26 public beta is live, here’s everything you need to know about the new iPhone features and how to use them

Phishers Target Aviation Execs to Scam Customers – Krebs on Security

Kioxia Unveils 245.76TB SSD That Can Store 3 Years of 4K Video on a Single Drive! A New Standard for AI & Cloud Giants

Category Collection