The Hacker News

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

APT28 ran a sustained phishing campaign from June 2024 to April 2025, using fake UKR.net login pages to steal credentials and ...
XDA Developers on MSN

3 habits that make password managers and passkeys actually usable

Password managers and passkeys are only worth using when you turn on specific features. For example, features like 2FA codes, ...

Shut Down And Restart—New Microsoft Attack Beats Passwords, 2FA And Passkeys

Check Point explains that this new technique “tricks people into giving attackers access to their Microsoft accounts. The ...
CSO Online

Gladinet servers file-sharing servers allow remote code execution

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...
The Hacker News

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

Researchers detail new AI and phishing kits that steal credentials, bypass MFA, and scale attacks across major services.