Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
An urgent alert has been issued to millions of Windows users after the discovery of a new scam that offers Office and Spotify for (contains affiliate links) ...
A security analyst at a large enterprise recently found sensitive HR documents being copied into a Microsoft Teams channel ...
Gamaredon hacking group escalated its decade-long espionage campaign against Ukraine in 2025, exploiting a weaponized WinRAR ...
Criminals are exploiting traffic distribution systems to silently redirect users to fraudulent sites, and the FBI says the ...
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.