News

Advancing Cybersecurity for Microsoft Environments

Bys s November 18, 2025

From certified MDR services to open threat intelligence frameworks, Sophos is delivering the clarity, context, and confidence organizations need to stay ahead of evolving threats.

News

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
Bys s December 19, 2025

A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare. The attacks involve using compromised email addresses belonging to government

Read More Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
News

End of the game for cybercrime infrastructure: 1025 servers taken down
Bys s November 13, 2025

A welcome press release from Europol: Between 10 and 14 November 2025, the latest phase of Operation Endgame was coordinated from Europol’s headquarters in The Hague. The actions targeted one of the biggest infostealers (Rhadamanthys), the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in international cybercrime. Authorities……

Read More End of the game for cybercrime infrastructure: 1025 servers taken down
News

Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Bys s July 12, 2025

Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. “Laravel’s APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub),” GitGuardian said. “If attackers get access to this key, they can exploit a deserialization flaw…

Read More Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
News

Turmoil Besets Phishing-as-a-Service Toolkit Rockstar 2FA
Bys s December 23, 2024

Infrastructure Problems Blamed; Users Appear to Move to Similar FlowerStorm ServiceAs the end of the year approaches, it’s out with the old and in with the new as researchers report that Rockstar 2FA, which once facilitated prolific phishing-as-a-service hits, has crashed and burned, apparently leading many one-time users to move to rival FlowerStorm.

Read More Turmoil Besets Phishing-as-a-Service Toolkit Rockstar 2FA
News

New license expiration alerts help you avoid protection gaps
Bys s February 26, 2025

We are improving expiration alerts so you can enjoy seamless protection against the latest threats.

Read More New license expiration alerts help you avoid protection gaps
News

Hackers say they have deleted children’s pictures and data after nursery attack backlash
Bys s October 2, 2025

Joe Tidy reports: Hackers who attempted to extort a nursery chain by posting stolen images and data about children on the darknet have removed the posts and claim to have deleted the information. The criminals began posting profiles of the children to their website last Thursday, adding another 10 children days later and vowing to continue until Kido Schools……

Read More Hackers say they have deleted children’s pictures and data after nursery attack backlash

Similar Posts