Please turn on your JavaScript for this page to function normally.
ClickFix
Fake macOS help sites push Shamos infostealer via ClickFix technique

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers …

social engineering
The new battleground for CISOs is human behavior

This article is no longer available. Check out our news from this week here: Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day

lock
How Brandolini’s law informs our everyday infosec reality

Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude …

attack
From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends

Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using social engineering and legitimate tools to …

Seth Ruden
Why behavioral intelligence is becoming the bank fraud team’s best friend

In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how …

arrest
Four arrested in connection with M&S, Co-op ransomware attacks

Four individuals suspected of having been involved in the ransomware attacks that hit UK-based retailers earlier this year have been arrested by the UK National Crime Agency. …

Qantas
Qantas data breach could affect 6 million customers

Qantas has suffered a cyber incident that has lead to a data breach. “The incident occurred when a cyber criminal targeted a call centre and gained access to a …

email bombing
Microsoft introduces protection against email bombing

By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is …

Salesforce
Attackers fake IT support calls to steal Salesforce data

Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat …

social engineering
TikTok videos + ClickFix tactic = Malware infection

Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. …

Fake AI video
Fake AI platforms deliver malware diguised as video content

A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an …

ClickFix
The many variants of the ClickFix social engineering tactic

As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools