In a sophisticated phishing campaign, uncovered cybercriminals are exploiting CrowdStrike’s recruitment branding to target developers and deploy the XMRig cryptominer. This scam uses fake job offers to trick victims into downloading harmful software disguised as an “employee CRM application.” The attack starts with a phishing email pretending to be from …

In October 2024, security researcher Ben Sadeghipour discovered a vulnerability in Facebook’s ad platform that allowed him to run commands on its internal server, giving him control over it. After Sadeghipour reported the vulnerability to Meta, Facebook’s parent company, it was fixed within an hour, and he received a $100,000 …

In 2025, malware attacks will persist. To prepare, organizations should familiarize themselves with common malware families. Here are five to focus on now. LockBit: LockBit is a major ransomware targeting Windows devices and is a significant threat in Ransomware-as-a-Service (RaaS) attacks. Its decentralized structure has allowed it to infiltrate high-profile …