IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...

Over the course of nearly 300 posts, Jonathan Bennett set a very high bar for this column, so we knew it needed to be placed in the hands of somebody who could do it justice.

ThreatLocker adds Zero Trust network and cloud access capabilities to its platform, enforcing device-based verification to combat credential theft and protect company data.

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...

The iPhone crypto exploit Coruna targets outdated iOS devices, stealing wallet seed phrases through compromised sites, enabling crypto theft.

Tycoon 2FA accounted for around 62pc of all phishing attempts blocked by Microsoft by mid-2025. A joint cybersecurity operation has disrupted one of the world’s largest phishing-as-a-service platforms ...

A website styled to look like a Google Account security page is distributing what Malwarebytes describes as one of ...

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits, without users needing to interact in any way or being at all aware that ...

Google reveals Coruna, a powerful exploit kit targeting older iOS versions to bypass security, install malware, and steal ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.