Author: Intel_0189

A newly discovered phishing-as-a-service (PhaaS) platform, named VoidProxy, targets Microsoft 365 and Google accounts, including those protected by third-party single sign-on (SSO) providers such as Okta. The platform uses adversary-in-the-middle (AitM) tactics to steal credentials, multi-factor authentication (MFA) codes, and session cookies in real time. VoidProxy was discovered by Okta Threat Intelligence researchers, who describe it

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ongoing as the threat actor continuously uploads new malicious code to replace the extensions that are removed. In a public post, core Ethereum developer Zak Cole

The moment a cyberattack strikes, the clock starts ticking. Files lock up, systems stall, phones light up and the pressure skyrockets. Every second counts. What happens next can mean the difference between recovery and catastrophe. In that moment, you need three things above all else: clarity, control and a lifeline. Without them, even the most

While most enterprises lock down endpoints, harden networks, and scan for vulnerabilities, one of the riskiest vectors often slips through unmonitored: browser extensions. These small, user-installed applications can execute privileged code, access sensitive DOM elements, intercept network requests, and even exfiltrate data, all within the context of enterprise-approved browsers. Keep Aware’s new Buyer’s Guide to Browser

Back in August 2023, attackers tied to the Scattered Spider group didn’t exploit a zero-day vulnerability to hack Clorox. They simply called the service desk (run by Cognizant), claimed to be locked-out employees, and asked for password and MFA resets. According to court filings and reporting, the attacker repeatedly phoned Cognizant’s service desk, obtained repeated

Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases. In a data breach notification seen by BleepingComputer, Plex says the stolen data includes email addresses, usernames, securely hashed passwords, and authentication data. “An

iCloud Calendar invites are being abused to send callback phishing emails disguised as purchase notifications directly from Apple’s email servers, making them more likely to bypass spam filters to land in targets’ inboxes. Earlier this month, a reader shared an email with BleepingComputer that claimed to be a payment receipt for $599 charged against the recipient’s

VirusTotal has discovered a phishing campaign hidden in SVG files that create convincing portals impersonating Colombia’s judicial system that deliver malware. VirusTotal detected this campaign after it added support for SVGs to its AI Code Insight platform. VirusTotal’s AI Code Insight feature analyzes uploaded file samples using machine learning to generate summaries of suspicious or malicious

Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign-ins across all tenants since March 2025. The company’s Azure MFA enforcement efforts were announced in May 2024 when Redmond began implementing mandatory MFA for all users signing into Azure to administer resources. One year ago, in August 2024, Microsoft also warned Entra