WhatsApp device linking abused in account hijacking attacks

Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign ...

New WhatsApp Attack—Hackers Gain ‘Full Access’ To Accounts

New social engineering attack tricks you into giving away access to your own account. Here’s what you need to know and do.
Krebs on Security

Most Parked Domains Now Serving Malicious Content

Direct navigation — the act of visiting a website by manually typing a domain name in a web browser — has never been riskier: ...

How to Spot a Browser-in-the-Browser Phishing Attack

One particularly sneaky scam is a browser-in-the-browser (BitB) attack, in which threat actors create a fake browser window that looks like a trusted single sign-on (SSO) login page within a real ...