Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream
Attack matches three-year long pattern of ScreenConnect attacks tracked by Sophos MDR as STAC4365.
Similar Posts
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
Bys sA bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation. Read the full technical breakdown in the Security Intelligence Brief. Download now → The “First-Hop Bias” Blind Spot Most&
Hackers Exploit Milesight Routers to Send Phishing SMS to European Users
Bys sUnknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022. French cybersecurity company SEKOIA said the attackers are exploiting the cellular router’s API to send malicious SMS messages containing phishing URLs, with the campaigns primarily targeting…
Today’s reminder to terminate employees’ credentials when their employment ends
Bys sFailure to terminate an employee’s credentials when their employment ended and failure to use unique and protected login credentials for work left a city at risk of having its water utility totally compromised. Avram Piltch reports: Our tale of tech missteps comes courtesy of Nicole Beckwith, who serves as the senior director for security engineering……
How to Browse the Web More Sustainably With a Green Browser
Bys sAs the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant. Choosing a browser designed with
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
Bys sCybersecurity researchers have discovered a new malware called KadNap that’s primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic. The malware, first detected in the wild in August 2025, has expanded to over 14,000 infected devices, with more than 60% of victims located in the U.S., according to the Black…
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign
Bys sCybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to supply chain security company Socket. The browser add-ons collectively have about 20,905 active users….