Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is… Read More »Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail
The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages… Read More »U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part… Read More »Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. “The threat actor hides each malware… Read More »Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back… Read More »⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the… Read More »The New Ransomware Groups Shaking Up 2025
Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of… Read More »Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to… Read More »Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. “The… Read More »Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow’s content delivery network (CDN) to deliver the Lumma stealer malware.… Read More »5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs