Cybercriminals always follow Internet eyeballs. Not literally, but figuratively. And today’s eyeballs are shifting. While Google Search still dominates, 20-26% of Americans have switched to AI tools like ChatGPT, Claude, and Perplexity for information gathering, a number that’s growing monthly. Scammers are following this migration, moving their game from traditional SEO poisoning in Google results […]

Active Attacks on Messaging Apps The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an urgent alert that should stop every organization in its tracks. Multiple threat groups are actively deploying commercial-grade spyware targeting popular messaging apps on iOS and Android devices. Their objective is clear: steal private conversations, track movements, and extract sensitive data […]

The world of work has changed enormously since COVID-19. Gone are the days when IT admins sat behind a corporate firewall with a neat row of local servers in a server room. Today, teams work from coffee shops, client sites, and home offices while critical systems live most often in the cloud. Even developers now […]

Let’s be honest, who hasn’t reset a password at least once this month? For decades, passwords have been our central digital authentication tool, but also the root cause of countless security breaches. They’re reused, forgotten, stolen, and phished with alarming ease. Today the tide may be turning. For years, CyberHoot has advocated for the benefits […]

In a shift away from the usual “hack-meets-victim” narrative, a new kind of cyber-assault is emerging. One where the adversary manipulates you into being your own attacker. According to a recent article from ZDNet titled “This new cyberattack tricks you into hacking yourself. Here’s how to spot it”, the tactic is simple yet potent. Social […]

In cybersecurity, not all attacks happen through fancy malware or zero-day exploits. Some of the most effective ones start with something much simpler, a look-alike website. This is where fraudulent and typo-squatted domains come in. Cybercriminals register domain names that closely resemble legitimate brands or organizations to trick users into revealing personal data, credentials, or […]

The rapid rise of generative AI has unlocked enormous promise, but it’s also accelerating the arms race in cyber threats. OpenAI’s recent “Disrupting Malicious Uses of AI” threat report highlights recent attack trends: adversaries aren’t inventing entirely new threats (attack methods), but instead or integrating AI into established attack vectors to drive dramatic increases in […]

Newly discovered Android banking Remote Access Trojan (RAT), dubbed Klopatra, has compromised more than 3,000 devices in Spain and Italy. Security researchers from Cleafy revealed that Klopatra uses hidden Virtual Network Computing (VNC) to give attackers full remote control over infected smartphones. How Klopatra Works Klopatra spreads through malicious dropper apps disguised as IPTV streaming […]

In June 2025, KNP Logistics Group, a transport company in the UK with 500 trucks and nearly two centuries of history, collapsed after falling victim to a ransomware attack. The root cause? A single employee password weak enough for criminals to guess. A Perfect Example of Cyber Risk Neglect The Akira ransomware gang did not […]

Vulnerability scanning and it’s human led partner penetration testing (aka “pentesting”) are excellent and trusted methods for uncovering important security threats in applications, infrastructure, and Internet facing devices. Unfortunately, many organizations receive their vulnerability and pentesting results once a year through static PDFs, email attachments, and/or spreadsheets. These point-in-time assessments and delivery methods lead to […]