This fake Google Security check can steal your passwords. Here’s how to stay safe

A new phishing campaign is impersonating Google’s account security checks to trick users into installing a malicious web app that steals passwords, passcodes, and other sensitive data directly from ...

Bitwarden adds support for passkey login on Windows 11

Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager's vault, enabling phishing-resistant authentication.
Hackaday

Hackaday Podcast Ep 359: Flying Squids, Edible Passwords, And A CAD Automaton

Hackaday editors Elliot Williams and Al Williams met up to trade their favorite posts of the week. Tune in and see if your favorites made the list. From crazy intricate automata to surprising ...

APT37 hackers use new malware to breach air-gapped networks

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
Krebs on Security

Who is the Kimwolf Botmaster “Dort”?

Who is the Jacob that Qoft referred to as their business partner? The breach tracking service Constella Intelligence finds the password used by jay.miner232@gmail.com was reused by just one other ...
Knowridge Science Report

3 popular password managers are less secure than promised

People who regularly use online services have between 100 and 200 passwords. Very few can remember every single one. Password managers are therefore extremely helpful, allowing users to access all ...