In The News

North Korean Operatives Use Deepfakes in IT Job Interviews darkreadingElizabeth Montalbano, Contributing Writer
April 23, 2025

Use of synthetic identities by malicious employment candidates is yet another way state-sponsored actors are trying to game the hiring process and infiltrate Western organizations. Use of synthetic identities by malicious …

Read More
No Comment

In The News


Japan Warns on Unauthorized Stock Trading via Stolen Credentials darkreadingKristina Beek, Associate Editor, Dark Reading
April 23, 2025

Attackers are using credentials stolen via phishing websites that purport to be legitimate securities company homepages, duping victims and selling their stocks before they realize they've been hacked. Attackers are using …

Read More
No Comment

Kubernetes Pods Are Inheriting Too Many Permissions darkreadingBecky Bracken
April 23, 2025

Scalable, effective — and best of all, free — securing Kubernetes workload identity cuts cyber-risk without adding infrastructure, according to new research from SANS. Scalable, effective — and best …

Read More
No Comment

DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack The Hacker [email protected] (The Hacker News)
April 23, 2025

Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and …

Read More
No Comment

The Foundations of a Resilient Cyber Workforce darkreadingMohan Koo
April 23, 2025

In a world where insider threats, nation-state adversaries, and technological evolution create new challenges, companies must prioritize transparency, ethical leadership, and a culture rooted in trust. In a world where insider …

Read More
No Comment

Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign The Hacker [email protected] (The Hacker News)
April 23, 2025

The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned …

Read More
No Comment

Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices The Hacker [email protected] (The Hacker News)
April 23, 2025

Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious campaign that distributes Android spyware under the guise of the Alpine Quest mapping software. "The attackers …

Read More
No Comment

Three Reasons Why the Browser is Best for Stopping Phishing Attacks The Hacker [email protected] (The Hacker News)
April 23, 2025

Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before.  Attackers …

Read More
No Comment

Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp The Hacker [email protected] (The Hacker News)
April 23, 2025

Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since …

Read More
No Comment

Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack The Hacker [email protected] (The Hacker News)
April 23, 2025

The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private …

Read More
No Comment