Threat-modelling onboarding: where fraud starts before the first transaction

Fraud starts earlier than most teams model. Many fraud programs still centre transaction monitoring, but attackers can gain a meaningful advantage earlier, at account creation and ...
DataBreachToday

China-Linked Hackers Use Malware Trio for Telecom Espionage

A China-linked cyberespionage group has been targeting telecommunications providers in South America since 2024 using a set ...

Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

Threat actors are abusing the special-use ".arpa" domain and IPv6 reverse DNS in phishing campaigns that more easily evade ...
PCMag

VPN Metadata Explained: What Your Provider Can and Can't See

VPNs encrypt your traffic, but they aren't blind to your activity. Here's the metadata your provider can see—and how to spot services that misuse it.
Decrypt

Post-Quantum Shift Could Force Crypto Exchanges to Rethink Wallet Security

New wallet research aims to preserve a core feature exchanges use to generate deposit addresses without exposing private keys.

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.