Latest news

LokiBot Returns: Multi-Stage JScript Campaign Uses Process Injection to Steal Credentials
Malware

LokiBot Returns: Multi-Stage JScript Campaign Uses Process Injection to Steal Credentials

29 June 2026 dark6

LokiBot, the decade-old credential stealer, has resurfaced with a sophisticated multi-stage attack chain: a JScript email dropper, in-memory .NET injection,...
AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time
Phishing

AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time

29 June 2026 dark6

A real-time adversary-in-the-middle phishing kit has been targeting AWS engineers, stealing credentials and MFA codes simultaneously to hijack cloud sessions...
JS.MonoGlyphRAT: Stealthy New Malware Hidden in Fake Purchase Orders Targets US Enterprises
Malware

JS.MonoGlyphRAT: Stealthy New Malware Hidden in Fake Purchase Orders Targets US Enterprises

8 June 2026 dark6

A previously unknown remote access trojan called JS.MonoGlyphRAT is spreading through US businesses disguised as routine purchase orders and business...
Grandoreiro Banking Trojan Returns: Targeting Portuguese Banks and Latin American Companies With Dual Campaigns
Malware

Grandoreiro Banking Trojan Returns: Targeting Portuguese Banks and Latin American Companies With Dual Campaigns

29 May 2026 dark6

The long-running Grandoreiro banking trojan has resurfaced with two active campaigns — one using DLL Side-Loading via cloud infrastructure and...
CORDIAL SPIDER and SNARKY SPIDER Deploy AiTM Pages to Breach SharePoint, HubSpot, and Google Workspace
Phishing

CORDIAL SPIDER and SNARKY SPIDER Deploy AiTM Pages to Breach SharePoint, HubSpot, and Google Workspace

2 May 2026 dark6

Two threat groups are deploying adversary-in-the-middle phishing pages combined with voice phishing to bypass MFA and hijack enterprise SaaS sessions....
Microsoft’s April 2026 Update Adds New RDP Security Warnings to Protect Against Phishing via .rdp Files
Phishing

Microsoft’s April 2026 Update Adds New RDP Security Warnings to Protect Against Phishing via .rdp Files

25 April 2026 dark6

Microsoft's April 2026 Patch Tuesday introduces new multi-layer warning dialogs in Windows Remote Desktop Connection, designed to protect users from...
Booking.com Data Breach Exposes Customer Reservation Details, Raising Phishing Risk for Travellers
Databreach

Booking.com Data Breach Exposes Customer Reservation Details, Raising Phishing Risk for Travellers

18 April 2026 dark6

Booking.com has notified customers of a data breach that exposed names, addresses, email addresses, phone numbers, and full reservation details....
Booking.com Confirms Data Breach: Reservation Data and Personal Details of Customers Exposed
Databreach

Booking.com Confirms Data Breach: Reservation Data and Personal Details of Customers Exposed

16 April 2026 dark6

Booking.com has confirmed hackers accessed customer reservation data including names, addresses, phone numbers, and booking details. Security experts warn the...
A Sophisticated New Threat: FvncBot Strikes Again
Malware

A Sophisticated New Threat: FvncBot Strikes Again

7 December 2025 dark6

A dangerous new banking malware called FvncBot is targeting unsuspecting users of Android devices, leveraging sophisticated techniques to steal sensitive...
Evilginx: A Sophisticated Phishing Toolkit Undermining MFA
Phishing

Evilginx: A Sophisticated Phishing Toolkit Undermining MFA

4 December 2025 dark6

Advanced phishing tactics utilizing a sophisticated tool known as Evilginx are becoming increasingly common, raising serious concerns for security professionals...
The FBI’s Latest Warning: Phishing Scams Target the IC3
Phishing

The FBI’s Latest Warning: Phishing Scams Target the IC3

26 November 2025 dark6

The internet is a constant battleground, and today’s cybercriminal tactics are more intricate and insidious than ever before. Recently, the...
The Payroll Pirates: a malvertising and layered attack infrastructure
Malware

The Payroll Pirates: a malvertising and layered attack infrastructure

18 November 2025 dark6

The “Payroll Pirates,” as Check Point researchers have dubbed them, represent a particularly insidious threat – a coordinated campaign targeting...