Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
FaceTime
Scammers weaponize FaceTime to drain bank accounts

Apple is warning iPhone and iPad users that scammers are using FaceTime calls to trick them into handing over money and account details. According to Apple, scammers pose as …

Transport for London
Scattered Spider members jailed over Transport for London hack that cost £29 million

Two members of the notorious “Scattered Spider” hacking collective have been sentenced to five years and six months in prison each for a cyberattack on Transport …

ClickFix
ClickFix is changing the economics of social engineering

ClickFix has moved from a one-off social engineering trick into an industrialized attack ecosystem that is outpacing conventional antivirus and endpoint defenses, according to …

AI
AI used to help plan the break-in, now it’s doing the break-in

Over the past twelve months, researchers documented intrusions in which AI ran exploitation workflows autonomously, generating thousands of commands across dozens of sessions …

data request
Most data brokers won’t tell you what happened to your deletion request

Data brokers collect personal details on most adults in the United States and sell them to buyers that include employers, landlords, insurance companies, and government …

Microsoft 365 phishing
Extortion crew hijacks Microsoft 365 accounts via fake passkey setup

The Pink cyber extortion crew is tricking employees into giving them access to their Microsoft 365 accounts by faking Entra passkey enrollment requests. The attack The attack …

arrest
5,811 arrests, $293 million seized over social engineering scams

Criminals who pose as police officers, romantic partners, and business suppliers have built fraud operations that reach across continents. A four-month enforcement campaign …

reddit
The fake report message that ends with a stolen Reddit account

A direct message arrives on Reddit from a stranger, and it invites a reply. That reply is the point. This scheme runs on social engineering, with no malware and no malicious …

Roblox
Malware attacks strip Roblox developers of entire games

Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games …

malware
Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware

Cybercriminals are using TikTok and Instagram Reels videos to spread Vidar, an infostealer malware, through fake downloads for popular paid software, according to …

malware
Scams now operate like real businesses with budgets and targets

Social media has overtaken email as a primary attack vector, showing changes in how people consume information and interact online, according to Bitdefender’s Global …

social engineering
Hackers are knocking on office doors pretending to be IT staff

The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ offices in person …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools