UNC3753 Targets US Law Firms with Vishing, RMM Tools, and Physical Break-Ins
Threat cluster UNC3753, widely tracked as Silent Ransom Group or Luna Moth, is actively targeting professional, legal, and financial services in the United S...
Financial
20 articles
Pro-Russian hacker group launches 'Patriotic Online Games' campaign targeting European organizations
The group is leveraging Telegram to enlist "patriotic volunteers," offering cryptocurrency rewards for participating in various cyber activities, including D...
IronWorm malware, similar to Shai-Hulud, hits 57 projects across 9 organizations
The malware targets developer credentials and cryptocurrency and self-propagates on npm.
Hola browser supply chain attack delivers cryptocurrency miner
Cybersecurity researchers at Sophos and other companies discovered an undeclared executable, identified as a Monero cryptocurrency miner, being installed wit...
Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms
Written by: Chad Reams, Tufail Ahmed, Keith Knapp, Ashley Frazer, Tyler McLellan Introduction From January through May 2026, Mandiant identified a financiall...
Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords
Threat actors are deploying an updated SHub Stealer variant named Reaper that exploits the native macOS Script Editor to bypass OS-level protections and comp...
The Good, the Bad and the Ugly in Cybersecurity – Week 23
US Treasury sanctions Iran's largest crypto exchange, PRC-linked TA4922 expands phishing to Europe and Africa, attackers exploit Palo Alto VPN bypass.
Malware could drain your fuel tank as well as your bank account
Ongoing cyber-attacks on automated tank gauges (ATGs) could result in fuel tanks being drained without businesses noticing, the US Cybersecurity & Infrastruc...
Hola Browser Windows Delivery Pipeline Hijacked to Deploy Cryptominer
An undeclared executable bundled with Hola Browser for Windows (version 1.251.
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
Let’s Encrypt works toward post-quantum certificates at web scale
Let’s Encrypt plans to pursue a post-quantum-safe Web PKI through Merkle Tree Certificates (MTCs), a new approach that adds post-quantum authentication to th...
New SHub Stealer Variant Targets Major Browsers and Crypto Wallets
Threat actors have resurfaced with an upgraded SHub stealer for macOS, now branded “Reaper,” and they’re using a stealthy distribution trick that should worr...
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent...
Let’s Encrypt Introduces Merkle Tree Certificates for Post-Quantum Web Security
Let’s Encrypt has unveiled a new approach to securing the web against future quantum threats: Merkle Tree Certificates (MTCs), a post-quantum–ready certifica...
VECT 2.0 Ransomware Breaks Files Beyond Its Own Recovery
VECT 2.0 ransomware can leave victims with files that even the attacker’s own decryptor cannot reliably restore.
AI agent governance gets harder when agents outnumber your people
In this Help Net Security video, Amit Gautam, CTO at Abluva, explains the security risks that autonomous AI agents bring into enterprise environments. He ope...
Brave Software releases Origin for a paid, bloat-free browsing experience
Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monet...
Hola Browser for Windows compromised to deliver cryptominer
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a ...
Credit card theft campaign abuses Stripe to host stolen payment info
A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [.
U.S. sanctions Iran's largest crypto exchange Nobitex for facilitating terrorism financing
Nobitex is accused of processing over 50% of Iranian digital asset inflows in 2025 and enabling transactions connected to the Islamic Revolutionary Guard Cor...