Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
A sudden disruption of a major phishing-as-a-service provider leads to the rise of another…that looks very familiar
Similar Posts
Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data
Bys sThe governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The Citizen Lab. Paragon, founded in 2019 by Ehud Barak and Ehud Schneorson, is the maker of a surveillance tool called Graphite that’s capable of harvesting sensitive data…
Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act
Bys sIlya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive hack of cryptocurrency exchange Bitfinex in 2016, said he has been released early. In a post shared on X last week, the 38-year-old announced his release, crediting U.S. President Donald Trump’s First Step Act….
Thousands more Afghans affected by second data breach, ministers say
Bys sSerena Barker-Singh reports: Up to 3,700 Afghans brought to the UK between January and March 2024 have potentially been impacted as names, passport details and information from the Afghan Relocations and Assistance Policy has been compromised again, this time by a breach on a third party supplier used by the Ministry of Defence (MoD). This was not……
What Is Attack Surface Management?
Bys sAttack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker’s…
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
Bys sThe Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last week of December 2025. The attack was unsuccessful, the country’s energy minister, Milosz Motyka, said last week. “The command of the cyberspace forces has diagnosed in the…
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Bys sProof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026, only to be informed by the maintainers that…