Phishers Gain Persistence at EU, Asia Hospitality Orgs
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social engineering and obsfucation, including blockchain abuse.
Abuse covers the misuse of accounts, services, and systems for fraud, intrusion, harassment, or other harmful cyber activity.
Search across headline titles and summaries.
Background for this topic.
Abuse in cybersecurity means using systems, networks, or services in unauthorized or harmful ways, such as sending spam, hijacking accounts, or launching Distributed Denial of Service (DDoS) attacks. It often exploits weak authentication, misconfigurations, or gaps in policies to gain access or disrupt services. Common abuse techniques include credential stuffing, phishing, and using compromised infrastructure to amplify attacks.
Managing abuse is critical because it can degrade service availability, expose sensitive data, and damage organizational reputation. Security teams focus on detecting unusual activity patterns, enforcing multi-factor authentication, and applying rate limits to reduce automated abuse. Timely abuse reporting and automated detection tools help identify and block malicious behavior, making abuse mitigation a key part of maintaining secure and reliable systems.
Weekly headline count for the current query.
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social engineering and obsfucation, including blockchain abuse.
Anthropic abruptly suspended all access to Fable 5 and Mythos 5 after receiving an export control directive that banned foreign nationals from using the technology.
In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plug-in, Pheno, to hijack the Windows-based bridge between PCs and smartphones.
A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged campaign.
Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files.
A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.
It's the path of lesser resistance, as remote monitoring and management (RMM) software offers stealth, persistence, and operational efficiency.
The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.
Anthropic proves that LLMs can be fairly resistant to abuse. Most developers are either incapable of building safer tools, or unwilling to invest in doing so.
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed accordingly to defraud or evade.
Threat actors will continue to abuse deepfake technology to conduct fraudulent activity, so organizations need to implement strong security protocols – even if it adds to user friction.
Researchers discovered that measures designed to make AI more transparent to users and regulators can also make it easier for bad actors to abuse.
New research highlights how threat actors abuse legitimate virtual private server offerings in order to spin up infrastructure cheaply, quietly, and fast.
Some LLM-created scripts and emails can lower the barrier of entry for low-skill attackers, who can use services like Lovable to create convincing, effective websites in minutes.
A software developer discovered a way to abuse an undocumented protocol in Amazon's Elastic Container Service to escalate privileges, cross boundaries and gain access to other cloud resources.
The "Direct Send" feature simplifies internal message delivery for trusted systems, and the campaign successfully duped both Microsoft Defender and third-party secure email gateways.
The intelligence-gathering cyber campaign introduces the novel HazyBeacon backdoor and uses legitimate cloud communication channels for command-and-control (C2) and exfiltration to hide its malicious activities.
Attackers can abuse malicious extensions to access critical data, including credentials, but organizations can reduce the risks by raising awareness and enforcing strict policy controls.
The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks.
Cybersecurity vendors say threat actors' abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.