Tag Microsoft

Microsoft Disrupts ‘RaccoonO365’ Phishing Operation – Dark Reading

Microsoft Disrupts ‘RaccoonO365’ Phishing Service In a significant development in the cybersecurity landscape, Microsoft has announced the dismantling of the ‘RaccoonO365’ phishing service, a notable player in the realm of cybercrime. This disruptive action targets a sophisticated network that has been implicated in various phishing attacks, with an emphasis on…

Read MoreMicrosoft Disrupts ‘RaccoonO365’ Phishing Operation – Dark Reading

APT29 Leveraged Windows Vulnerability to Breach European Diplomatic Network

A notorious Russia-based cyber espionage group known as APT29 has reportedly exploited a less common Windows feature called Credential Roaming following a successful phishing operation targeting an unmentioned European diplomatic organization. The strategic focus on diplomatic targets aligns with APT29’s historical modus operandi, demonstrating their commitment to gathering intelligence that…

Read MoreAPT29 Leveraged Windows Vulnerability to Breach European Diplomatic Network

⚡ THN Weekly Recap: Stolen Google Secrets, Windows Breach, Latest Crypto Scams, and More!

This week’s cybersecurity update delves into various evolving threats, including a sophisticated phishing technique used by Russian threat actors. Covering issues from device code phishing to cloud-based attacks, this summary transforms complex technicalities into comprehensible insights, tailored for tech-savvy professionals. ⚡ Threat of the Week The recent disclosure from Microsoft…

Read More⚡ THN Weekly Recap: Stolen Google Secrets, Windows Breach, Latest Crypto Scams, and More!

Vietnam Investigates Breach at Central Bank’s Credit Agency

Cybercrime, Data Security, Finance & Banking Cybercrime Collective ShinyHunters Claims 160 Million Records Compromised Mathew J. Schwartz ( euroinfosec) • September 15, 2025 The State Bank of Vietnam in Hanoi, dating back to November 22, 2016. (Image: TK Kurikawa/Shutterstock) The central bank of Vietnam is investigating a cyberattack that targeted…

Read MoreVietnam Investigates Breach at Central Bank’s Credit Agency

New Malware Campaign Leverages Cracked Software to Distribute Lumma and ACR Stealer

Cybersecurity experts are sounding alarms about a recent campaign utilizing cracked software versions to spread information-stealing malware, including notable variants such as Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) has reported a significant increase in ACR Stealer distributions since January 2025. This malware employs a technique known…

Read MoreNew Malware Campaign Leverages Cracked Software to Distribute Lumma and ACR Stealer

⚡ THN Weekly Highlights: GitHub Supply Chain Attack, AI Malware, BYOVD Strategies, and More

Recent advancements in open-source tools have inadvertently contributed to a significant supply chain breach, originating from a focused attack that swiftly expanded, compromising sensitive information across multiple projects. This breach highlights how a manipulated GitHub Action, designed to analyze changed files, evolved from targeting specific projects like Coinbase into a…

Read More⚡ THN Weekly Highlights: GitHub Supply Chain Attack, AI Malware, BYOVD Strategies, and More

Hackers Access Okta’s GitHub Repositories and Exfiltrate Source Code

Okta, a pivotal player in identity and access management, reported an unauthorized access event involving its source code repositories earlier this month. The incident, which was disclosed on Wednesday, raises substantial concerns about the security practices surrounding sensitive organizational code. According to an official statement, Okta reassured stakeholders that “there…

Read MoreHackers Access Okta’s GitHub Repositories and Exfiltrate Source Code

Over 12,000 API Keys and Passwords Discovered in Public Datasets for LLM Training

A recent investigation has uncovered alarming findings regarding a dataset utilized for training large language models (LLMs). This dataset reportedly contains close to 12,000 live secrets, including credentials capable of authenticating access to various services. This discovery raises significant concerns about the risks associated with hard-coded credentials. Organizations face heightened…

Read MoreOver 12,000 API Keys and Passwords Discovered in Public Datasets for LLM Training

⚡ THN Weekly Recap: Updates on Zero-Day Exploits, AI Security Breaches, and Cryptocurrency Theft

This week brought a significant cybersecurity incident involving a 23-year-old Serbian activist whose Android device fell prey to a sophisticated zero-day exploit. Developed by Cellebrite, this exploit chain compromised the user’s phone, likely enabling the deployment of a spyware solution known as NoviSpy. The vulnerabilities, which exploit weaknesses in the…

Read More⚡ THN Weekly Recap: Updates on Zero-Day Exploits, AI Security Breaches, and Cryptocurrency Theft