Security researchers from Koi have uncovered 17 malicious Firefox extensions hiding multi-stage malware inside PNG logo files, affecting 50,000+ users.
#SecurityLand #ThreatHorizon #Steganography #Malware #PNG #BrowserSecurity #Cybersecurity
Read More: www.security.land/firefox-exte...
#SecurityLand #ThreatHorizon #Steganography #Malware #PNG #BrowserSecurity #Cybersecurity
Read More: www.security.land/firefox-exte...
Firefox Extensions Hide Malware in PNG Files: 50K Users Hit
Security researchers discover 17 Firefox extensions using PNG steganography to hide multi-stage malware affecting 50,000+ users.
www.security.land
December 18, 2025 at 12:03 AM
Security researchers from Koi have uncovered 17 malicious Firefox extensions hiding multi-stage malware inside PNG logo files, affecting 50,000+ users.
#SecurityLand #ThreatHorizon #Steganography #Malware #PNG #BrowserSecurity #Cybersecurity
Read More: www.security.land/firefox-exte...
#SecurityLand #ThreatHorizon #Steganography #Malware #PNG #BrowserSecurity #Cybersecurity
Read More: www.security.land/firefox-exte...
Socket researchers uncover 27 npm packages used as phishing infrastructure targeting manufacturing and healthcare sectors.
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
npm Registry Abused for Targeted Spearphishing Campaign
A five-month spearphishing operation has transformed the npm registry into a durable hosting layer for AiTM credential theft, specifically targeting sales teams in the manufacturing and healthcare ind...
www.security.land
December 24, 2025 at 1:50 PM
Socket researchers uncover 27 npm packages used as phishing infrastructure targeting manufacturing and healthcare sectors.
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories.
#SecurityLand #ThreatHorizon #APT #TrendMicro #ShadowVoid042 #Cybercrime #SpearPhishing
Read More: www.security.land/shadow-void-...
#SecurityLand #ThreatHorizon #APT #TrendMicro #ShadowVoid042 #Cybercrime #SpearPhishing
Read More: www.security.land/shadow-void-...
SHADOW-VOID-042: Cybercriminals Fake Trend Micro Alerts
A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories to target defense contractors, energy companies, and cybersecurity firms. ...
www.security.land
December 20, 2025 at 1:28 PM
A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories.
#SecurityLand #ThreatHorizon #APT #TrendMicro #ShadowVoid042 #Cybercrime #SpearPhishing
Read More: www.security.land/shadow-void-...
#SecurityLand #ThreatHorizon #APT #TrendMicro #ShadowVoid042 #Cybercrime #SpearPhishing
Read More: www.security.land/shadow-void-...
The notorious Lazarus Group, along with other North Korean hackers, has evolved their strategy beyond conventional exchange attacks on crypto organizations.
#SecurityLand #ThreatHorizon #Cybersecurity #Crypto #HumanFactor #NorthKorea #CryptoExchange
Read More: www.security.land/north-korean...
#SecurityLand #ThreatHorizon #Cybersecurity #Crypto #HumanFactor #NorthKorea #CryptoExchange
Read More: www.security.land/north-korean...
North Korean Hackers Infiltrate Crypto Companies with Fake Job Applications | Security Land
North Korean hackers infiltrate crypto companies using fake resumes and job applications. Learn how to protect your firm.
www.security.land
September 19, 2025 at 11:11 PM
The notorious Lazarus Group, along with other North Korean hackers, has evolved their strategy beyond conventional exchange attacks on crypto organizations.
#SecurityLand #ThreatHorizon #Cybersecurity #Crypto #HumanFactor #NorthKorea #CryptoExchange
Read More: www.security.land/north-korean...
#SecurityLand #ThreatHorizon #Cybersecurity #Crypto #HumanFactor #NorthKorea #CryptoExchange
Read More: www.security.land/north-korean...
Chinese threat actor UAT-9686 has been compromising Cisco email security systems since late November with a custom backdoor called AquaShell.
#SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China
Read More: www.security.land/uat-9686-chi...
#SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China
Read More: www.security.land/uat-9686-chi...
UAT-9686 Chinese APT Targets Cisco Email Security Appliances
Chinese threat actor UAT-9686 deploys AquaShell backdoor on Cisco Secure Email Gateway appliances with custom persistence.
www.security.land
December 19, 2025 at 9:31 AM
Chinese threat actor UAT-9686 has been compromising Cisco email security systems since late November with a custom backdoor called AquaShell.
#SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China
Read More: www.security.land/uat-9686-chi...
#SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China
Read More: www.security.land/uat-9686-chi...
VoidProxy phishing service bypasses MFA & SSO for M365/Google accounts. Okta Threat Intelligence reveals sophisticated AitM attacks.
#SecurityLand #ThreatHorizon #CyberSecurity #EnterpriseSecurity #AitM #Phishing #VoidProxy #Okta #ThreatIntelligence
Read More: www.security.land/voidproxy-em...
#SecurityLand #ThreatHorizon #CyberSecurity #EnterpriseSecurity #AitM #Phishing #VoidProxy #Okta #ThreatIntelligence
Read More: www.security.land/voidproxy-em...
VoidProxy Emerges as Advanced Phishing-as-a-Service Platform Targeting Enterprise Authentication Systems | Security Land
VoidProxy phishing platform bypasses MFA and SSO security, targeting Microsoft 365 and Google accounts through sophisticated AitM attacks.
www.security.land
September 15, 2025 at 1:14 PM
VoidProxy phishing service bypasses MFA & SSO for M365/Google accounts. Okta Threat Intelligence reveals sophisticated AitM attacks.
#SecurityLand #ThreatHorizon #CyberSecurity #EnterpriseSecurity #AitM #Phishing #VoidProxy #Okta #ThreatIntelligence
Read More: www.security.land/voidproxy-em...
#SecurityLand #ThreatHorizon #CyberSecurity #EnterpriseSecurity #AitM #Phishing #VoidProxy #Okta #ThreatIntelligence
Read More: www.security.land/voidproxy-em...
New infrastructure analysis from Censys reveals how the pro-Russian hacktivist group NoName057(16) maintains DDoSia operations through rapid server rotation.
#SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057
Read More: www.security.land/ddosia-infra...
#SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057
Read More: www.security.land/ddosia-infra...
Censys Reveals Rapid Server Rotation Behind NoName057(16) Attacks
Censys research reveals DDoSia control servers last avg 2.5 days, with 6 active at any time. Analysis of pro-Russian DDoS infrastructure.
www.security.land
December 15, 2025 at 11:33 PM
New infrastructure analysis from Censys reveals how the pro-Russian hacktivist group NoName057(16) maintains DDoSia operations through rapid server rotation.
#SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057
Read More: www.security.land/ddosia-infra...
#SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057
Read More: www.security.land/ddosia-infra...
Socket researchers uncover 27 npm packages used as phishing infrastructure targeting manufacturing and healthcare sectors.
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Potatosecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Potatosecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
December 24, 2025 at 2:05 PM
Socket researchers uncover 27 npm packages used as phishing infrastructure targeting manufacturing and healthcare sectors.
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Potatosecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
Read More: www.security.land/npm-registry...
#SecurityLand #ThreatHorizon #Potatosecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev