Malicious actors have been distributing fraudulent LinkedIn alert messages for potential job opportunities to facilitate credential exfiltration in a new phishing campaign, Cybernews reports.
Apple has released a new mechanism for macOS Tahoe 26.4 that stops the execution of potentially harmful commands in Terminal and warns the user about related dangers, explaining how attackers often use different channels to distribute malicious instructions, reports BleepingComputer.
Ukrainian government entities, healthcare providers, financial providers, security firms, educational institutions, and software development companies have been targeted with a phishing campaign spoofing the country's Computer Emergency Response Team to facilitate the deployment of the AGEWHEEZE RAT between Mar. 26 and 27, reports The Cyber Express.
Threat actors have leveraged bogus VS Code security alerts to compromise GitHub developers with malware as part of a large-scale scam operation, according to BleepingComputer.
Russian state-sponsored threat operation TA446, also known as COLDRIVER, Callisto, and Star Blizzard, has leveraged the DarkSword iOS exploit kit in a new targeted spear-phishing campaign, The Hacker News reports.
Microsoft credential phishing weaponizes Bubble AI app builder AI-powered no-code app-building platform Bubble has been exploited to create illicit web apps that facilitate clandestine credential phishing intrusions against Microsoft accounts, BleepingComputer reports.
