Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan’s Finance Ministry, deploying Xeno RAT for full system access and exfil.
Over 5,000 election-themed domains registered between April and May 2026 form phishing infrastructure targeting voters, campaign staff, and election workers.
Scammers have spoofed the PSNI’s official switchboard number to impersonate officers and pressure victims into buying gift cards in a
Scammers have spoofed the PSNI’s official switchboard number to impersonate officers and pressure victims into buying gift cards in a
Over 5,000 election-themed domains registered between April and May 2026 form phishing infrastructure targeting voters, campaign staff, and election workers.
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan’s Finance Ministry, deploying Xeno RAT for full system access and exfil.
LLMShare, discovered by Push Security, abuses ChatGPT’s share links on chatgpt.com to host fake outage pages that deliver infostealer malware
LLMShare, discovered by Push Security, abuses ChatGPT’s share links on chatgpt.com to host fake outage pages that deliver infostealer malware
The FBI warns Kali365, a PhaaS platform on Telegram, exploits Microsoft device code authentication to bypass MFA entirely and capture
EvilTokens, a phishing service launched in February 2026, bypassed MFA in 340 Microsoft 365 organizations by stealing OAuth tokens instead
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.