Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
The Hacker News

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...
SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
InfoWorld

Three web security blind spots in mobile DevSecOps pipelines

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile ...

UK will allow US to use bases to strike Iranian missile sites, PM says

The UK has agreed to a US request to use British military bases for "defensive" strikes on Iranian missile sites, Sir Keir Starmer has said. But the prime minister said the UK had learned lessons from ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Authorities Warn “Harmless-Looking” Packages Could Contain Dangerous Materials and Here’s What to Watch for

You should treat any unexpected package with caution, even if it looks innocent. Dangerous substances and malicious content increasingly come disguised in candy bags, toy boxes, souvenir items, and ...