Hackers hijack .arpa domain for phishing scams

Hausa

Attackers have exploited the .arpa internet domain to host malicious websites and deliver phishing links. They use IPv6 and hidden .arpa addresses to disguise URLs and steal user credentials. The scheme was reported by TechRadar on March 2, 2026.

The .arpa domain, a core part of the internet infrastructure, has been hijacked by hackers for phishing purposes. According to TechRadar, attackers are leveraging IPv6 technology alongside hidden .arpa addresses to create undetectable malicious websites and domains. These disguised URLs lead users to phishing pages designed to secretly capture credentials.

The exploit allows hackers to host scams in places where they are difficult to spot, evading typical detection methods. No specific victims or scale of the attack were detailed in the report. TechRadar's coverage highlights the vulnerability in this foundational domain, which is used for internet address resolution.

This incident underscores ongoing risks in internet security, particularly with emerging protocols like IPv6. Users are advised to remain vigilant against suspicious links, though no further preventive measures were outlined in the source.

Labaran da ke da alaƙa

Illustration depicting hackers hijacking Linux Snap Store apps to steal cryptocurrency recovery phrases, featuring a compromised Ubuntu laptop and digital seed phrase theft.
Hoton da AI ya samar

Attackers hijack Linux Snap Store apps to steal crypto phrases

An Ruwaito ta hanyar AI Hoton da AI ya samar

Cybercriminals have compromised trusted Linux applications on the Snap Store by seizing expired domains, allowing them to push malware that steals cryptocurrency recovery phrases. Security experts from SlowMist and Ubuntu contributor Alan Pope highlighted the attack, which targets established publisher accounts to distribute malicious updates impersonating popular wallets. Canonical has removed the affected snaps, but calls for stronger safeguards persist.

Top VPNs targeted by typosquatting with malicious fake domains

Major VPN providers such as NordVPN, ExpressVPN, and Proton VPN are facing attacks through typosquatting, where fake domains mimic their official sites. A report indicates that 14 percent of these imitation domains are malicious. Users are advised to take precautions to avoid falling victim to these scams.

Hackers escalate digital squatting targeting brand domains

An Ruwaito ta hanyar AI

Digital squatting has reached new heights as hackers increasingly impersonate brands through domain attacks. This form of cyber impersonation takes various shapes to deceive users and organizations. The trend highlights ongoing challenges in online security.

Asia

AI scales up cyber attacks in 2025

Fasaha

Hackers are using LLMs to build next-generation phishing attacks

Fasaha

Fake Chrome AI extensions targeted over 300,000 users

Russian hackers exploit Microsoft Office vulnerability days after patch

Russian state-sponsored hackers quickly weaponized a newly patched Microsoft Office flaw to target organizations in nine countries. The group, known as APT28, used spear-phishing emails to install stealthy backdoors in diplomatic, defense, and transport entities. Security researchers at Trellix attributed the attacks with high confidence to this notorious cyber espionage unit.

GhostPairing: WhatsApp Hijacking Threat

An Ruwaito ta hanyar AI

Security researchers, first reporting via TechRadar in December 2025, warn WhatsApp's 3 billion users of GhostPairing—a technique tricking victims into linking attackers' browsers to their accounts, enabling full access without breaching passwords or end-to-end encryption.

Crypto scam pushes Ethereum transactions to record high

Ethereum's daily transactions reached an all-time high of over 2.8 million on January 16, largely driven by a widespread address poisoning scam. These attacks, which involve sending tiny crypto amounts from deceptive addresses, are intensifying amid recent network upgrades. Security experts warn that without improved wallet safeguards, users remain vulnerable to significant losses.

New cybercrime platform 1Campaign aids malicious Google ads

An Ruwaito ta hanyar AI

A new cybercrime platform known as 1Campaign allows hackers to run malicious Google Ads while evading the company's screening process. This development is raising concerns in the cybersecurity community. The platform's emergence highlights ongoing challenges in online advertising security.

February 12, 2026 00:37

Fake site offers malicious 7-Zip installer with malware

January 27, 2026 16:17

AI-based anti-phishing platform prevents 19 billion won in financial damage

January 27, 2026 06:48

Zombie domains expose Snap Store to supply chain attacks

January 25, 2026 18:07

BCA warns customers to beware of phishing scams via fake websites

January 25, 2026 15:11

OpenAI users targeted by scam emails and vishing calls

January 24, 2026 06:44

Experts highlight AI threats like deepfakes and dark LLMs in cybercrime

January 14, 2026 06:04

Hackers hijack LinkedIn comments to spread malware

December 21, 2025 12:02

Chinese hackers install backdoors via Cisco email zero-day

December 20, 2025 05:05

Hackers steal millions of Pornhub users' data for extortion

October 29, 2025 11:29

Malicious npm packages steal developer credentials on multiple platforms

 

 

 

Wannan shafin yana amfani da cookies

Muna amfani da cookies don nazari don inganta shafin mu. Karanta manufar sirri mu don ƙarin bayani.
Ƙi