No Zero-Day Needed: Russian Phishers Swipe Signal & WhatsApp Accounts with Plain Old Lies
Russian phishers steal Signal & WhatsApp accounts with fake support chats no code crack needed, just human trust.
Cybersecurity
Tax Phishing Season: IRS Imposters, QR Codes and Hijacked Remote-Admin Tools
Tax season phishing is no longer just fake IRS emails. Microsoft caught campaigns weaponizing legitimate remote-management tools—complete with QR codes, revoked certs, and 29,000-accountant targeting lists.
Instagram Kills Encrypted Chats After Years of Meta Promises
After touting private communication as the future, Meta is quietly retiring Instagram's encrypted chats. Users have until May 8, 2026 to save their messages before the feature disappears.
Aura’s 900,000-record breach: when a marketing platform becomes a phishing time bomb
Aura says a vishing trick on a 2021-acquired marketing server exposed 900,000 contacts—no SSNs, but plenty of ammo for future scams.
Your Phone Number Is the Master Key—And Crooks Just Copied It
SIM-swap fraud surged 1,000% in a year—your phone number is now the master key to bank and crypto accounts.
Steam’s Indie Trojan: FBI Says These Seven Games Came With Free Malware
FBI: seven Steam indies hid password-stealing malware. Uninstall, nuke your creds, and move on.
Your Brand Has a Doppelganger on Social Media. Your SOC Doesn't Know It Yet.
AI-made fake social profiles now outrun domain phishing. Cisco’s new add-on folds social takedowns into the same console that already blocks email spoofs.
AI-Built Malware Is Cheap, Lazy, and Still Sneaking Past Enterprise Defenses
AI-built malware favors speed over craft, yet 14% still bypass scanners. HP says isolation, not smarter detection, broke the chain.
Phishers Found a Cheaper Weapon Than Malware: Your SOC’s Inbox
Phishers weaponize your own security awareness: cheap spam floods SOCs, burying real threats under hours of busywork.
HHS Arms Hospitals With Cyber Risk Tool: Treating Hackers Like Hurricanes
HHS introduces a free RISC 2.0 Cybersecurity Module to help hospitals assess digital threats alongside natural disasters, aligning with NIST and recent cyberattacks.
UNC4899’s Cloud Heist: How AirDrop and Kubernetes Became Tools for Crypto Theft
North Korean hackers UNC4899 exploited AirDrop and Kubernetes to steal millions from a crypto firm. Google outlines defense strategies against cloud breaches.
Quantum-Proofing the Nation: How the New Cyber Strategy Battles Tomorrow’s Threats Today
As quantum computers threaten encryption, the U.S. National Cyber Strategy outlines six pillars for quantum readiness and AI security. With 88% of AI models vulnerable to jailbreaking, the race to secure critical infrastructure accelerates.