Threat actors stories - Page 5

Okta users face rising vishing attacks as ShinyHunters expand real-time MFA phishing, prompting fresh SaaS and identity security warnings.

Panera data breach exposes details of 14 million customers, spotlighting a surge in SaaS-focused extortion and identity-driven cyber attacks.

AI-powered phishing is resetting the threat curve, as underprepared finance teams become prime targets for deepfake and BEC fraud.

NCC flags fourth straight monthly rise in ransomware attacks and growing efforts by major gangs to recruit insiders and cyber staff.

AI-driven hacking has pushed weekly cyber attacks up 70% since 2023, with Check Point warning campaigns are faster, broader and harder to stop.

Ransomware gangs shrank in number but hit more victims in late 2025, with leak-site postings soaring despite fewer active groups.

Okta warns new real-time vishing kits can hijack browser sessions during calls, tricking users into defeating non‑phishing‑resistant MFA.

New UK cyber bill pushes critical sectors towards continuous offensive security testing as state-backed and criminal threats intensify.

Cyderes appoints Lana Knop as Chief Product Officer to steer post‑Lucidum product strategy and drive a new wave of AI‑powered security services.

Over 70% of major retailers and nearly 60% of wholesalers have exposed credentials, leaving shared supply chains ripe for attack.

Misconfigured cloud training labs on AWS, Google Cloud and Azure expose major firms to live attacks via overly permissive access roles.

Major firms are leaving known, actively exploited cyber flaws unpatched for six months or more, sharply heightening breach risks.

Unicorns beat Global 2000 on core domain security, yet weak registry locks and scant DNS redundancy leave major gaps in cyber defences.

Ransomware attacks hit record highs in 2025 as Qilin overtakes LockBit, with victim numbers surging 58% and threat groups multiplying.

Microsoft again tops global phishing brand list as attackers increasingly mimic big tech services to steal cloud and consumer credentials.

Phishing-as-a-service kits doubled in 2025, now powering 90% of attacks as cyber gangs race to outsmart multifactor checks and filters.

Microsoft's first 2026 Patch Tuesday fixes an exploited DWM zero-day, strips decades-old modem drivers and tackles Secure Boot risks.

HP reports a surge in convincing fake software updates and staged prompts that trick users into installing stealthy, rapidly evolving malware.

Proofpoint flags a sharp rise in Microsoft 365 account takeovers via device code phishing, hitting firms from finance to government.

Ransomware attacks dipped in November, but ClickFix techniques and alliances between groups like Qilin and CL0P drove fresh risks.