Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
WeLiveSecurity

DynoWiper update: Technical analysis and attribution

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector.
MUO on MSN

5 Windows Sysinternals tools I use to catch suspicious behavior

If an app blinks wrong, Sysinternals notices.

Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...
Security Boulevard

APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP | Part 2

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...
The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain ...