Month: August 2025
-
Hackers Abuse Microsoft 365’s Direct Send Feature to Deliver Internal Phishing Attacks
Cybercriminals have discovered a sophisticated new attack vector by exploiting Microsoft 365’s Direct Send feature to deliver phishing campaigns that…
-
11,000 Android Devices Hacked by Chinese Threats Actors to Deploy PlayPraetor Malware
A sophisticated malware-as-a-service operation orchestrated by Chinese-speaking threat actors has successfully compromised over 11,000 Android devices worldwide through the deployment…
-
Storm-2603 Using Custom Malware That Leverages BYOVD to Tamper with Endpoint Protections
A newly identified threat actor designated Storm-2603 has emerged as a sophisticated adversary in the ransomware landscape, leveraging advanced custom…
-
Oklahoma Substantially Amends Its Data Breach Notification Statute
Ashden Fein, Caleb Skeath, Micaela McMurrough, Emily Pehrsson, and Sierra Stubbs of Covington and Burling write: Oklahoma recently enacted Senate…
-
Malicious AI-generated npm package hits Solana users
AI-generated npm package `@kodane/patch-manager` drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025.—————————————————————————————————————————AI-generated npm package `@kodane/patch-manager` was flagged…
-
Active Exploitation of Microsoft SharePoint Vulnerabilities
Unit 42 is tracking ongoing threat activity targeting on-premises Microsoft SharePoint servers, particularly within government, schools, healthcare, and large enterprises.…