New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information. “The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes’ web addresses and cryptocurrency exchanges,” Akamai security researcher […]
Why ISO 42001 Matters for AI Governance at Scale
How a new international standard is shaping the future of responsible AI development and deployment.
Lumma Stealer Is Back & Stealthier Than Ever
The operators of the popular and prolific malware wasted no time in regrouping after an FBI takedown in May, and they’re back to their old tricks.
US Nuclear Agency Hacked in Microsoft SharePoint Frenzy
Threat actors are piling on the zero-day vulnerabilities in SharePoint, including at least three Chinese nation-state cyber-espionage groups.
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day security flaws in various web applications to […]
Stop AI Bot Traffic: Protecting Your Organization’s Website
As crawlers and bots bog down websites in the era of AI, some researchers say that the solution for the Internet’s most vulnerable websites is already here.
Department of Education Site Mimicked in Phishing Scheme
An ongoing phishing campaign is using fake versions of the department’s G5 grant portal, taking advantage of political turmoil associated with the DoE’s 1,400 layoffs.
Dark Web Hackers Moonlight as Travel Agents
Hackers are using stolen goods such as credit cards and loyalty points to book travel for sometimes unsuspecting clients, and remote workers, SMBs, travel brands, and others are at risk.
Banking Trojan Coyote Abuses Windows UI Automation
It’s the first known instance of malware that abuses the UIA framework and has enabled dozens of attacks against banks and crypto exchanges in Brazil.
Fixed Ivanti Bugs Still Haunt Japan Orgs 6 Months Later
Chinese threat actors have been feeding off the same Ivanti RCE vulnerabilities we’ve known about since last year, partly thanks to complications in patching.
