Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
A sudden disruption of a major phishing-as-a-service provider leads to the rise of another…that looks very familiar
Similar Posts
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager
Bys sGoogle has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user’s password when it detects the credentials to be compromised. “When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an option to fix it automatically,” Google’s Ashima Arora, Chirag…
Nevada Refused to Pay Cyberattack Ransom as Systems Sat Compromised for Months
Bys sMark Pearson reports: According to an official document newly released by the Nevada office responsible for the state’s technology infrastructure, Nevada’s state systems sat unknowingly compromised for three months before officials noticed a major ransomware attack and flagged it up in August. […] The perpetrators compromised a password vault server to harvest credentials from 26……
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
Bys sThe “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy
Kyiv Region Police Expose Hackers Who Infected Notaries’ Computers with Viruses and Changed Data in State Registries
Bys sAs reported on dev.ua: In the Kyiv region, police detained a group of hackers who gained remote access to the devices of state bailiffs and private notaries and, for a fee, illegally removed encumbrances imposed on citizens’ property. According to the Cyber Police, four suspects, one of whom was a private contractor, set up a scheme…
CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two high-severity security flaws impacting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2025-1976 (CVSS score: 8.6) – A code injection…
Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors
Bys sThe Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three Chinese state-sponsored threat actors. “Targets of these campaigns ranged from organizations involved in the manufacturing, design, and testing of semiconductors and integrated circuits, wider equipment and services supply chain entities within this sector, as well as financial investment