-
Malicious npm package steals WhatsApp accounts and messages
A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account.
- December 22, 2025
- 11:08 AM
0
-
Malicious LLMs empower inexperienced hackers with advanced tools
Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious code, delivering functional scripts for ransomware encryptors and lateral movement.
- November 27, 2025
- 12:15 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Palo Alto Networks data breach exposes customer info, support cases
Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance.
- September 02, 2025
- 08:00 AM
- 0
-
Google: Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations' Salesforce platforms.
- June 04, 2025
- 10:11 AM
- 0
-
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device.
- January 30, 2025
- 06:31 PM
- 10
-
US charges Russian-Israeli as suspected LockBit ransomware coder
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group.
- December 20, 2024
- 11:48 AM
- 0
-
Ransomware gangs now abuse Microsoft Azure tool for data theft
Ransomware gangs like BianLian and Rhysida increasingly use Microsoft's Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage.
- September 17, 2024
- 12:14 PM
- 0
-
Halliburton confirms data stolen in recent cyberattack
Oil and gas giant Halliburton has confirmed in a filing today to the Securities and Exchange Commission (SEC) that data was stolen in the recent attack linked to the RansomHub ransomware gang.
- September 03, 2024
- 08:57 AM
- 0
-
HealthEquity says data breach impacts 4.3 million people
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people.
- July 29, 2024
- 11:54 AM
- 1
-
How Allowlisting software can Prevent Ransomware and Data Theft
Allowlisting solutions can be a game changer in fortifying your cybersecurity defenses and protecting against ransomware and data theft attacks. Learn more from ThreatLocker on the pros and cons of Allowlisting.
- June 03, 2024
- 10:25 AM
- 0
-
New SharePoint flaws help hackers evade detection when stealing files
Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint.
- April 09, 2024
- 09:00 AM
- 2
-
New RustDoor macOS malware impersonates Visual Studio update
A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
- February 09, 2024
- 10:53 AM
- 1
-
Apple 'Find My' network can be abused to steal keylogged passwords
Apple's "Find My" location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards.
- November 04, 2023
- 10:12 AM
- 0
-
France says Russian state hackers breached numerous critical networks
The Russian APT28 hacking group (aka 'Strontium' or 'Fancy Bear') has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021.
- October 26, 2023
- 12:40 PM
- 0
-
Discord still a hotbed of malware activity — Now APTs join the fun
Discord continues to be a breeding ground for malicious activity by hackers and now APT groups, with it commonly used to distribute malware, exfiltrate data, and targeted by threat actors to steal authentication tokens.
- October 16, 2023
- 05:29 PM
- 4
-
Forever 21 data breach: hackers accessed info of 500,000
Forever 21 clothing and accessories retailer is sending data breach notifications to more than half a million individuals who had their personal information exposed to network intruders.
- August 31, 2023
- 03:23 PM
- 0
-
New Android MMRat malware uses Protobuf protocol to steal your data
A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from compromised devices.
- August 29, 2023
- 02:04 PM
- 0
-
Mom’s Meals discloses data breach impacting 1.2 million people
PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information of 1.2 million customers and employees was stolen in a ransomware attack.
- August 28, 2023
- 10:24 AM
- 2
-
Apps with 1.5M installs on Google Play send your data to China
Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million that collected excessive user data that goes well beyond what's needed to offer the promised functionality.
- July 06, 2023
- 02:43 PM
- 12
-
Detecting data theft with Wazuh, the open-source XDR
Threat actors can steal data from organizations to sell to other malicious actors, making it a major risk for organizations. Wazuh, the free and open-source XDR/SIEM, offers several capabilities that protection against data theft.
- May 08, 2023
- 10:05 AM
- 0
0
