The MS Drainer operates through phishing websites, tricking users into approving malicious contracts and transferring their money to the attacker’s wallet address without their consent.

The Chameleon banking trojan has evolved with new advanced features, including the ability to bypass biometric prompts and display HTML pages for enabling Accessibility Services on Android 13, making it a potent threat to mobile banking security.

FalseFont is a custom backdoor with various capabilities that allow operators to remotely access compromised systems, execute files, and transmit information to Command and Control servers.

The UK’s Payment Systems Regulator (PSR) announced that victims could be repaid up to £415,000 ($525,000) unless the bank can prove “gross negligence” on the part of the individual.

The BattleRoyal cluster, using DarkGate and NetSupport malware, demonstrates the use of multiple attack chains and social engineering techniques to deliver payloads via email and fake update lures.

Researchers from Unit 42 have discovered that threat actors are using malicious JavaScript to steal sensitive information by exploiting popular survey sites, low-quality hosting, and web chat APIs.

First American Financial Corporation, the second-largest title insurance company in the US, has experienced a cyberattack and has taken some systems offline to contain the impact.

The Biden administration is pushing for secure-by-design principles to be embraced by the tech industry, aiming to make security a core feature of software development to prevent attacks exploiting vulnerabilities.

A recent analysis discovered a malicious plugin injected into a WordPress/WooCommerce website that creates a fake administrator user and injects credit card skimming JavaScript into the checkout page.

Isovalent has developed eBPF, an open-source technology that provides insight into the operating system layer, and Cilium, which offers visibility into cloud-native applications.