GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Bubble AI app builder abused to steal Microsoft account credentials

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...
Infosecurity Magazine

Phantom Project Bundles Infostealer, Crypter and RAT For Sale

The malware, known as Phantom Stealer, collects browser credentials, cookies, saved passwords, autofill data and payment card ...
SecurityWeek

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

The Tycoon 2FA phishing platform’s operations have been largely unaffected by the recent law enforcement takedown attempt.
Hoodline

Fake CAPTCHA Scam Tricks Windows Users Into Installing Password-Snatching Malware

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.
The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...

New Password Stealer Bypasses 2FA—Chrome, Edge And Firefox Targeted

This new Storm attack platform can exfiltrate passwords and session data, enabling 2FA bypass. Google Chrome, Microsoft Edge ...
Business Insider

SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft

New Report Highlights Surge in Exposed API Keys, Session Tokens, and Machine Identities, and more. SpyCloud, the leader in identity threat protection, today released its annual 2026 Identity Exposure ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...