Category: DarkNet

The moment a cyberattack strikes, the clock starts ticking. Files lock up, systems stall, phones light up and the pressure skyrockets. Every second counts. What happens next can mean the difference between recovery and catastrophe. In that moment, you need three things above all else: clarity, control and a lifeline. Without them, even the most

While most enterprises lock down endpoints, harden networks, and scan for vulnerabilities, one of the riskiest vectors often slips through unmonitored: browser extensions. These small, user-installed applications can execute privileged code, access sensitive DOM elements, intercept network requests, and even exfiltrate data, all within the context of enterprise-approved browsers. Keep Aware’s new Buyer’s Guide to Browser

Back in August 2023, attackers tied to the Scattered Spider group didn’t exploit a zero-day vulnerability to hack Clorox. They simply called the service desk (run by Cognizant), claimed to be locked-out employees, and asked for password and MFA resets. According to court filings and reporting, the attacker repeatedly phoned Cognizant’s service desk, obtained repeated

Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases. In a data breach notification seen by BleepingComputer, Plex says the stolen data includes email addresses, usernames, securely hashed passwords, and authentication data. “An

iCloud Calendar invites are being abused to send callback phishing emails disguised as purchase notifications directly from Apple’s email servers, making them more likely to bypass spam filters to land in targets’ inboxes. Earlier this month, a reader shared an email with BleepingComputer that claimed to be a payment receipt for $599 charged against the recipient’s

VirusTotal has discovered a phishing campaign hidden in SVG files that create convincing portals impersonating Colombia’s judicial system that deliver malware. VirusTotal detected this campaign after it added support for SVGs to its AI Code Insight platform. VirusTotal’s AI Code Insight feature analyzes uploaded file samples using machine learning to generate summaries of suspicious or malicious

Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign-ins across all tenants since March 2025. The company’s Azure MFA enforcement efforts were announced in May 2024 when Redmond began implementing mandatory MFA for all users signing into Azure to administer resources. One year ago, in August 2024, Microsoft also warned Entra

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState deserialization vulnerability caused by the inclusion of a sample ASP.NET machine key in pre-2017 Sitecore guides. Some customers reused this key in production, allowing attackers with knowledge of the key

Microsoft says the August 2025 security updates are triggering unexpected User Account Control (UAC) prompts and app installation issues for non-admin users across all supported Windows versions. This known issue is caused by a security patch that addresses the CVE-2025-50173 Windows Installer privilege escalation vulnerability, which can allow authenticated attackers to gain SYSTEM privileges due

Hackers tried to steal $130 million from Evertec’s Brazilian subsidiary Sinqia S.A.after gaining unauthorized access to its environment on the central bank’s real-time payment system (Pix). Evertec is a public financial technology giant that stands as a major full-service transaction processor in Latin America, Puerto Rico, and the Caribbean. Sinqia, acquired by Evertec in 2023