Order-tracking app Shop abused to push callback phishing attacks
Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them into providing sensitive data or installing remote access software.
Microsoft quietly extends free Windows 10 ESU support to October 2027
Microsoft has quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to continue receiving security updates until October 12, 2027.
Microsoft quietly extends free Windows 10 ESU support to October 2027
Microsoft has quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to continue receiving security updates until October 12, 2027.
PreCrime™ Credentials is a fully managed "Honeypot-as-a-Service" that deceives threat actors by deploying decoy login portals to silently intercept and validate stolen credentials against your actual identity provider.
Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats
Market research company Klue told customers that it believes the hacking group that stole their data is now deleting it. The company, however, warned about a second group of hackers wanting ransom.
New macOS malware embeds fake errors to confuse AI analysis tools
A newly discovered macOS malware dubbed "Gaslight" is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable.
It didn't start with an email. The user clicked a Facebook ad — a sponsored post that looked routine — and a tab opened to what looked like an official Microsoft Support page. Within seconds the browser locked up: a dialog they couldn't dismiss, a fake security scan reporting "1,200 threats," and their own city and IP address staring back at them — "Your device has been blocked due to illegal activity by the State of Ohio. Contact Microsoft Windows Support: +1-888-671-7340." The page was hosted on Microsoft's own Azure cloud. It never asked for a password. It didn't need to.
Bluekit phishing kit adopts browser-in-the-middle for login theft
The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and by adding browser-in-the-middle capabilities for improved data theft.
Bluekit phishing kit adopts browser-in-the-middle for login theft
The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and by adding browser-in-the-middle capabilities for improved data theft.
OpenAI punta sull’automazione delle patch: Daybreak e la nuova frontiera della cyber security
L’obiettivo dell'espansione di Daybreak, il suo programma dedicato alla cyber security difensiva, è la capacità degli LLM di correggere le vulnerabilità in modo automatizzato e a scala. Ecco la nuova direzione della ricerca sull’AI applicata alla cyber
Fraudsters don't attack just one transaction. They target accounts, platforms, and entire ecosystems. IPQS explains the four elevations of fraud prevention and why broader visibility improves fraud detection.
Attacco ransomware a Tata Electronics: 630 GB di dati riservati di Apple e Tesla finiscono online
Il gruppo World Leaks colpisce la supply chain globale dell'elettronica, esponendo documenti confidenziali di due dei brand più potenti al mondo. L'attacco ransomware ci ricorda, ancora una volta, quanto siamo tutti interconnessi e vulnerabili
Attacco ransomware a Tata Electronics: 630 GB di dati riservati di Apple e Tesla finiscono online
Il gruppo World Leaks colpisce la supply chain globale dell'elettronica, esponendo documenti confidenziali di due dei brand più potenti al mondo. L'attacco ransomware ci ricorda, ancora una volta, quanto siamo tutti interconnessi e vulnerabili
Categorizzazione NIS2 entro il 30 giugno: perché non è solo un Excel da caricare
La scadenza per l’elencazione e categorizzazione delle attività e dei servizi non dovrebbe essere letta come un mero adempimento formale, ma come il primo vero esercizio di collegamento tra business, servizi IT, asset critici, continuità operativa e proporzionalità delle misure di sicurezza
Webinar: Why account takeovers remain one of the hardest threats to stop
Account takeover attacks continue to challenge security teams because attackers often operate through legitimate accounts and trusted services. This webinar explores how behavioral AI can help organizations identify compromised accounts faster and automate response workflows.
Cellebrite said it cut off Russia, but Russia used is tools anyway
Security researchers found evidence that Russian authorities hacked the iPhone of a political opponent using a phone-unlocking device made by Cellebrite, even after the company said it would stop selling to Putin’s government.
Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks – Coordinated actions take down criminal infrastructure; over EUR 41 million in criminal crypto assets seized | Europol
Europol together with partners from across the globe today announces a landmark blow to cybercriminal networks as part of Operation Endgame, a sweeping international operation targeting the criminal infrastructure behind ransomware and malware like SocGholish, Amadey, and StealC. In coordinated actions over the past two weeks, key components of these malicious toolkits were dismantled as part of a public-private effort.
Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools
Kaspersky researchers analyze the threat landscape for SMBs in 2026: the rise of attacks involving fake AI tools, phishing schemes, and data sold on the dark web.