Threats

The Lazarus group continues to prey on cryptocurrency: cybercriminals distribute DeFi wallets with built-in backdoor.

Malicious spam campaign targeting organizations grows 10-fold in a month, spreads Qbot and Emotet malware.

Microsoft patches 128 vulnerabilities in a list of products, including Windows and its components.

Researchers found critical vulnerability in Spring, a popular Java framework. Here’s how it works, why it’s dangerous and how to protect from it.

The recent Google Chrome update patches 10 high severity vulnerabilities and a dozen of less critical bugs. Time to update your browser!

We explain why game mods can be dangerous, using as an example malicious mods for Cities: Skylines.

In 2021 there were fewer attacks on smartphones and tablets than in 2020. But that’s no reason to relax, and here’s why.

Hackers from Lapsus$ group claim they breached Okta, a major provider of access management systems.

What is a seed phrase, how scammers use it to steal cryptowallets, and how to protect your MetaMask account.

The geopolitical conflict in Ukraine is the latest example of malicious actors trying to cash in on unsuspecting victims.

HermeticRansom cryptor was used as a distraction to support HermeticWiper attacks.

In the past year, a slew of cases in which criminals used AirTags to stalk people have come to light. We explain how this works and how to protect yourself.

Dangerous vulnerability in WebKit (CVE-2022-22620) is believed to be actively exploited by hackers. Update your iOS devices as soon as possible!

How to protect your iPhone or Android smartphone from Pegasus and similar mobile APTs.

Dangerous vulnerability was discovered in Dark Souls III videogame that can be used to gain control of a gamer’s computer.

Microsoft patches more than a 100 vulnerabilities in Windows 10 and 11, Windows Server 2019 and 2022, Exchange Server, Office, and Edge browser.

How a fake restart helps malware to gain a foothold in a smartphone’s operating system without exploiting a persistence vulnerability.

Five signs you’re dealing with scammers.

Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.

Employees can install proxyware without their employer’s knowledge, introducing additional business cyberrisks.

We analyze some typical examples of phishing bait for movie streamers.