All posts
3274 articles
strategy
messengersMessengers 101: safety and privacy advice
A dozen short and simple tips on how to use WhatsApp, Telegram, Signal, iMessage, WeChat, and other messaging apps safely and hassle-free.
Security measures for handling archive files in organizations
Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?
e-mailScammers exploiting GetShared for phishing attacks
Scammers are exploiting GetShared to bypass email security.
What happens if you download a cracked program?
Spoiler: nothing good. Along with pirated software, you’ll probably pick up a miner, stealer, or backdoor.
NFCNFC carders hide behind Apple Pay and Google Wallet
Cybercriminals are inventing new ways to swipe money from payment cards by using credentials phished online or over the phone. Sometimes, just holding your card to your phone is enough to leave you penniless.
When files are not what they seem
Attackers use the polyglot technique to disguise malware. We explain what it is and how to protect your company against attacks.
threatsTarot and cyberthreats: a new Trojan for fans of the supernatural
New malware targets magic enthusiasts — sending stolen data to an “astral cloud server”.
A ransomware attack through an IP camera
Fending off ransomware attacks that exploit corporate IoT devices.
How to track anyone via the Find My network
Apple’s Find My network can be exploited to remotely track other vendors’ Android, Windows, and Linux devices.
Three ways to hack… a mattress!
A security researcher has investigated his own smart mattress cover, discovering several ways to hack it — including through a backdoor preinstalled by the developer.
vulnerabilitiesOperation ForumTroll: APT attack via zero-day vulnerability
Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.
Privacy under attack: nasty surprises in Chrome, Edge, and Firefox
How to counter new privacy invasions by browser developers
Fog ransomware publishes victim’s IP-addresses
Cybercriminals behind the Fog ransomware publish leaked data along with the IP addresses of attacked computers.
Arcane stealer instead of Minecraft cheats
If you’ve ever downloaded game cheats from a YouTuber’s “link in the description”, your computer might be infected with a stealer.
Attack on DevOps: secrets leaked via malicious GitHub Action
How to respond to a compromised GitHub changed-files Action incident.
AndroidGoogle forcing Android System SafetyCore on users to scan for nudes
We dive into the mechanics of the controversial nude-scanning app that has mysteriously materialized on a billion phones.
Three VMware vulnerabilities: key risks and urgent patches
Reasons for updating your ESXi infrastructure ASAP, and enterprise threats that VM escape poses.
Six Microsoft vulnerabilities being actively exploited
Microsoft’s March Patch Tuesday fixes several vulnerabilities that have already been used in the wild. Details are not clear at the moment, but it’s worth installing the patches ASAP.
Lessons from the Bybit hack: how to store crypto safely
Takeaways for regular crypto holders from the biggest crypto heist in history.