The fraudulent investment scheme known as Nomani has witnessed an increase by 62%, according to data from ESET, as campaigns distributing the threat have also expanded beyond Facebook to include other social media platforms, such as YouTube. The Slovak cybersecurity company said it blocked over 64,000 unique URLs associated withRead More »Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media
This is pretty scary: Urban VPN Proxy targets conversations across ten AI platforms: ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok (xAI), Meta AI. For each platform, the extension includes a dedicated “executor” script designed to intercept and capture conversations. The harvesting is enabled by default through hardcoded flags inRead More »Urban VPN Proxy Surreptitiously Intercepts AI Chats
Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and selling it on the dark web has become a reliable payday. But in 2025, the data breaches that affected small and medium-sized businesses (SMBs) challenged our perceived wisdom aboutRead More »Attacks are Evolving: 3 Ways to Protect Your Business in 2026
The U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than $14 million from retail investors. The complaint charged crypto asset trading platforms Morocoin Tech Corp., Berge Blockchain Technology Co., Ltd., and Cirkor Inc., asRead More »SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips
Introduction The Evasive Panda APT group (also known as Bronze Highland, Daggerfly, and StormBamboo) has been active since 2012, targeting multiple industries with sophisticated, evolving tactics. Our latest research (June 2025) reveals that the attackers conducted highly-targeted campaigns, which started in November 2022 and ran until November 2024. The groupRead More »Evasive Panda APT poisons DNS requests to deliver MgBot
Apple has been fined €98.6 million ($116 million) by Italy’s antitrust authority after finding that the company’s App Tracking Transparency (ATT) privacy framework restricted App Store competition. The Italian Competition Authority (Autorità Garante della Concorrenza e del Mercato, or AGCM) said the company’s “absolute dominant position” in app distribution allowedRead More »Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition
Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials. The extensions are advertised as a “multi-location network speed test plug-in” for developers and foreign trade personnel. Both the browserRead More »Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
Rumors of a possible buyout surfaced earlier this month, with the official announcement coming just weeks after Armis announced raising $435 million. The post ServiceNow to Acquire Armis for $7.75 Billion in Cash appeared first on SecurityWeek.
The personal information of 21,000 customers was stolen after hackers compromised Red Hat’s GitLab instances. The post Nissan Confirms Impact From Red Hat Data Breach appeared first on SecurityWeek.
The cybercriminals attempted to steal $28 million from compromised bank accounts through phishing. The post Feds Seize Password Database Used in Massive Bank Account Takeover Scheme appeared first on SecurityWeek.
