Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

Threat Score:
82
The Hacker News
6 hours ago

Overview

Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used "compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft's device code authentication flow," Amazon's Chief Information Security Officer CJ Mosessaid. APT29, also tracked as Blu...

Related Articles

5 articles
2

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Cybersecurity News 2 hours ago

A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific users, the company has confirmed. The vulnerability, now identified as CVE-2025-55177, was combined with a separate vulnerability in Apple’s operating systems to compromise devices and access user data. WhatsApp has since patched the vulnerability and has […]

Score
84
Read more
5
Sweden scrambles after ransomware attack puts sensitive worker data at risk

Sweden scrambles after ransomware attack puts sensitive worker data at risk

Graham Cluley 3 hours ago

Municipal government organisations across Sweden have found themselves impacted after a ransomware attack at a third-party software service supplier. Software firm Miljödata, which provides a significant proportion of Sweden's municipalities with "smart systems for a healthy work environment" handling such things as long-term sick leave and work-related injuries, is at the heart of the incident which has left around 200 of the country's organisations scrambling. Karlstad University, for instance

Score
82
Read more