-
Microsoft is launching a new security feature designed to protect Teams users from fraudulent external callers impersonating trusted organizations. The Brand Impersonation Protection for Teams Calling will roll out starting mid-February 2026, with gene…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered ransomware family, Osiris, targeted a major foodservice franchisee in Southeast Asia in November 2025. Despite sharing a name with a 2016 Locky ransomware variant, security researchers confirm this represents an entirely new threat w…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated multi-stage phishing campaign is actively targeting PNB MetLife Insurance customers through fake payment gateway pages. The attack chain extracts customer details, forces fraudulent UPI payments, and escalates to full banking credential…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Snaps are compressed, cryptographically signed, revertable software packages for Linux desktops, servers, and embedded devices. A sophisticated campaign targeting Canonical’s Snap Store has escalated dramatically, with threat actors shifting from…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
JA3 fingerprinting, long dismissed as outdated technology, is experiencing a resurgence as security teams discover its practical value in identifying and tracking malicious infrastructure with surprising precision. Despite widespread skepticism about J…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Zafran Labs uncovered two critical vulnerabilities in Chainlit, a popular open-source framework for building conversational AI apps. Chainlit powers internet-facing AI systems in enterprises across industries, averaging 700,000 PyPI downloads monthly. …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated ClickFix campaign targeting Facebook users has been identified, leveraging social engineering to extract live session credentials directly from victims’ browsers. Unlike traditional phishing exploits that rely on software vulnerab…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A dangerous supply-chain attack targeting the Python Package Index (PyPI) that involves a malicious package named sympy-dev impersonating SymPy, one of the world’s most widely used symbolic mathematics libraries. The fraudulent package employs so…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated multi-stage malware campaign targeting Russian users, leveraging social engineering, legitimate cloud services, and native Windows functionality to achieve full system compromise without exploiting vulnerabilities. The campaign begins w…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new Android malware family dubbed “Android.Phantom” that leverages artificial intelligence to automate ad-clicking fraud while establishing a persistent command-and-control infrastructure through dual-mode operation. The mal…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
