Tag: attacks

Phishing remains one of the most effective tools in the cybercriminal arsenal, especially when threat actors abuse the credibility of trusted institutions and familiar digital services to increase victim interaction. In late March 2026, CERT-UA revealed a phishing campaign tracked as UAC-0255 in which attackers impersonated the agency and attempted to infect organizations across Ukraine’s […]

February 2026: ShinyHunters Attacks Hit Odido, CarGurus, Panera Bread, and FigureFebruary 2026 brought a fresh wave of data breach disclosures, and the pattern was hard to miss. Extortion-driven attacks continued to spread across consumer brands, ecommerce platforms, telecom providers, and even government systems, often by exploiting identity access, support tools, or third-party relationships.Several of the […]

Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers‘ relative ignorance of OT systems.

Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it. […]

How to Detect Brand Impersonation Attacks Early: A Step by Step Monitoring GuideBrand impersonation rarely starts with a loud signal. It usually begins with a lookalike domain, a copied login page, a fake social profile, or a rogue mobile app that appears credible enough to fool users before security teams spot it.That is what makes […]

Attacks by artificial intelligence agents are a reality. Experts at Nvidia’s GTC conference say defenders need to use the same tools to fight them off.

Mit Lakewatch präsentiert Databricks ein offenes SIEM auf Lakehouse-Basis. KI-Agenten sollen Bedrohungen in Datenpools automatisch erkennen und triagieren.

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx’s KICS and VS Code plug-ins, and the LiteLLM AI library — and all signs point to more attacks to come.

A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.

Attackers can execute arbitrary code without authentication if Oracle’s Identity or Web Services Managers are exposed to the Web.