Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...

Updating your security mindset: Keep your data private and your devices secure

One of the most overlooked vulnerabilities in the modern threat surface is the network layer. Every time you connect to the ...
SecurityWeek

North Korean APT Targets Air-Gapped Systems in Recent Campaign

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...
BMJ Global Health

Leveraging community insights and navigating logistical challenges: a case study of the 2024 polio vaccination campaign in Gaza, State of Palestine

This case study describes how high vaccination coverage was achieved during the 2024 polio vaccination campaign in Gaza amid ...

Rolling out AI? 5 security tactics your business can't get wrong - and why

Rolling out AI? 5 security tactics your business can't get wrong - and why ...

Ivermectin is making a post-pandemic comeback, among cancer patients

The anti-parasitic drug became a household name during the COVID-19 pandemic, and it is now being embraced as an alternative ...