LummaC2 formerly accounted for almost 92% of Russian Market’s credential theft log alerts. Now, the Acreed infostealer has replaced its market share. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Author Archives: Onsite Computing, Inc.
A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data from the crypto exchange. […] Go to Source Author: Bill Toulas
Microsoft is testing a dedicated page in Windows Settings for quick machine recovery, which will provide users with additional configuration options. […] Go to Source Author: Sergiu Gatlan
Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. […] Go to Source Author: Bill Toulas
Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport RAT malware. The DomainTools Investigations (DTI) team said it identified “malicious multi-stage downloader Powershell scripts” hosted on lure websites that masquerade as Gitcode and DocuSign. […]
Mozilla has developed a new security feature for its add-on portal that helps block Firefox malicious extensions that drain cryptocurrency wallets. […] Go to Source Author: Sergiu Gatlan
Scattered Spider isn’t one group — it’s an identity-first threat model evolving fast. From vishing to AiTM phishing, they’re exploiting MFA gaps to hijack the cloud. Watch the Push Security webinar to learn how their identity-based tactics work — and how to stop them. […] Go to Source Author: Sponsored by Push Security
If your CISO isn’t wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed. Go to Source Author: Richard Marcus
CISA is alerting federal agencies in the U.S. of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the server. […] Go to Source Author: Ionut Ilascu
Fashion retail giant Victoria’s Secret has delayed its first quarter 2025 earnings release because of ongoing corporate system restoration efforts following a May 24 security incident. […] Go to Source Author: Sergiu Gatlan