Dark Reading

Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries

First discovered in 2022, Godfather — which can record screens and keystrokes, intercept 2FA calls and texts, initiate bank transfers, and more — has quickly become one of the most widespread malware-as-a-service offerings in cybercrime.

Iran Dupes US Military Contractors, Gov't Agencies in Cyber Campaign

An Iranian state-sponsored hacking group successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, including the US Treasury and State Department, as part of a five-year cyber espionage campaign.

US Gov Slaps Visa Restrictions on Spyware Honchos

The US State Department is imposing visa restrictions on 13 people involved in the development and sale of commercial spyware, as well as their spouses and children. The State Department can deny these people entrance to the United States.

Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug

Siemens is urging organizations using its Ruggedcom APE1808 devices configured with Palo Alto Networks (PAN) Virtual NGFW to implement workarounds for a maximum severity zero-day bug that PAN recently disclosed in its next-gen firewall product.

Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar

A phishing campaign exploiting a bug in Nespresso's website has been able to evade detection by taking advantage of security tools that fail to look for malicious nested or hidden links.

Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware

In a briefing at Black Hat Asia, Shmuel Cohen, security researcher at SafeBreach, described how he not only reverse-engineered and cracked into the company's signature Cortex product but also weaponized it to deploy a reverse shell and ransomware.

Iran-Backed Hackers Blast Out Threatening Texts to Israelis

The so-called Handala threat group alleged in a message on Telegram that it sent 500,000 text message warnings, which contain anti-Israeli government rhetoric, to Israeli citizens, according to a report in The Jerusalem Times.

North Korean Hackers Exploit Two MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse

The first, not entirely new, sub-technique involves manipulation of Transparency, Consent, and Control (TCC), a security protocol that regulates application permissions on Apple's macOS.

'Darcula' Phishing-as-a-Service Operation Bleeds Victims Across More Than 100 Countries

The Chinese-language, phishing-as-a-service platform "Darcula" has created 19,000 phishing domains in cyberattacks against more than 100 countries, Netcraft researchers say.

Vietnam Securities Broker Suffers Cyberattack That Resulted in Trading Suspension

In a social media post, VNDirect described a four-stage process of restoration, starting with customer accounts, which is now complete, and followed by restoring floor trading and then its other financial services.
