Cybercriminals Archives • Page 10 of 34 • Daily CyberSecurity

Unmasking the Proxy: Silent Push “Traffic Origin” Exposes True Actor Locations Residential Proxy Detection

Unmasking the Proxy: Silent Push “Traffic Origin” Exposes True Actor Locations

Do Son February 11, 2026

A new report by Silent Push reveals how advanced traffic analysis can strip away the digital masks...

Signed” Sealed, Delivered: Cybercriminals Abuse PayPal and Apple to Bypass Email Security DKIM Replay Attack Invoice Phishing

Signed” Sealed, Delivered: Cybercriminals Abuse PayPal and Apple to Bypass Email Security

Do Son February 11, 2026

Phishing attacks have evolved beyond poorly spelled emails and suspicious links. A new report by Kaseya (featuring...

“Hard Working” Thieves: Rublevka Team Steals $10M in Solana Scam-as-a-Service FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

“Hard Working” Thieves: Rublevka Team Steals $10M in Solana Scam-as-a-Service

Do Son February 9, 2026

A sophisticated Russian cybercrime syndicate has stolen over $10 million in cryptocurrency since 2023, leveraging a highly...

The Invisible Landlord: ShadowSyndicate Rotates Keys to Hide Infrastructure

Do Son February 6, 2026

The sprawling, murky network known as ShadowSyndicate has evolved. Previously identified by a singular, careless digital fingerprint,...

The Invisible Proxy: NGINX Hijacked for Silent SEO Poisoning NGINX Traffic Hijacking SEO Poisoning

The Invisible Proxy: NGINX Hijacked for Silent SEO Poisoning

Do Son February 6, 2026

A new campaign is targeting the backbone of the web, compromising NGINX servers to silently redirect user...

Vercel Blob Phishing PDF Phishing Campaign

Cloud-Hosted Trap: Phishers Use Vercel & Telegram to Bypass Filters

Do Son February 6, 2026

Phishing attacks have evolved from simple “click here” links to complex, multi-stage puzzles designed to baffle security...

Ghost Folders: “Directory Shadowing” Hack Hijacks WordPress SEO WordPress Directory Shadowing SEO Spam Malware

Ghost Folders: “Directory Shadowing” Hack Hijacks WordPress SEO

Do Son February 5, 2026

A new and stealthy malware campaign is targeting WordPress sites, turning trusted pages into billboards for online...

“IT Support” Imposters: ShinyHunters Vishing Rings Bypass MFA to Steal Data ShinyHunters Vishing Corporate Vishing Attacks

“IT Support” Imposters: ShinyHunters Vishing Rings Bypass MFA to Steal Data

Do Son February 4, 2026

A new report from Mandiant details how sophisticated voice phishing (vishing) rings are bypassing modern security controls...

The “Fix” is a Trap: ConsentFix Phishing Bypasses MFA via Azure CLI ConsentFix Phishing OAuth Token Theft

The “Fix” is a Trap: ConsentFix Phishing Bypasses MFA via Azure CLI

Do Son February 2, 2026

A cunning new phishing technique is turning the trust of Microsoft’s own tools against its users. Dubbed...

New Offensive OT Framework Targeting Energy Infrastructure Emerges on Dark Web ICS Offensive Framework APT IRAN

New Offensive OT Framework Targeting Energy Infrastructure Emerges on Dark Web

Do Son February 2, 2026

A new threat to industrial control systems (ICS) has surfaced on the dark web, signaling a potential...

Silent Intruder: “EncystPHP” Web Shell Burrows into FreePBX Systems EncystPHP Web Shell FreePBX Vulnerability

Silent Intruder: “EncystPHP” Web Shell Burrows into FreePBX Systems

Do Son February 2, 2026

A sophisticated new web shell has been discovered burrowing into communication infrastructure, leveraging a critical vulnerability to...

Hidden in Plain Sight: TA584 Deploys “Tsundere Bot” & Invisible Registry Keys TA584 Tsundere Bot Invisible Registry Persistence

Hidden in Plain Sight: TA584 Deploys “Tsundere Bot” & Invisible Registry Keys

Do Son February 2, 2026

TA584, a sophisticated Initial Access Broker (IAB) known for paving the way for ransomware gangs, has dramatically...

VPNs & Fake Updates: Google Dismantles Massive IPIDEA Proxy Network IPIDEA Proxy Network Residential Proxy Disruption

VPNs & Fake Updates: Google Dismantles Massive IPIDEA Proxy Network

Do Son January 31, 2026

In a major strike against the hidden infrastructure of the cybercrime ecosystem, Google Threat Intelligence Group (GTIG)...

“SessionReaper” Harvests Roots: Mass Exploitation Campaign Hits Over 200 Magento Sites FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

“SessionReaper” Harvests Roots: Mass Exploitation Campaign Hits Over 200 Magento Sites

Do Son January 30, 2026

A massive wave of cyberattacks has struck the e-commerce world, targeting the widely used Magento platform with...

Scam Alert: “Amazon Ads Blocker” Extension Hijacks Creator Commissions Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Amazon Ads Blocker Affiliate Link Hijacking Malicious browser extensions

Scam Alert: “Amazon Ads Blocker” Extension Hijacks Creator Commissions

Do Son January 30, 2026

A popular Chrome extension promising to clean up your Amazon shopping experience is actually a cleverly disguised...

The “WorkMail Pivot”: Hackers Abuse AWS WorkMail to Bypass SES Sandbox AWS WorkMail Abuse SES Sandbox Bypass

The “WorkMail Pivot”: Hackers Abuse AWS WorkMail to Bypass SES Sandbox

Do Son January 30, 2026

A new investigation by Rapid7 reveals that cybercriminals have found a clever way to bypass the strict...

The “Zeroplayer” Arsenal: WinRAR Flaw CVE-2025-8088 Weaponized by Spies WinRAR Vulnerability CVE-2025-8088

The “Zeroplayer” Arsenal: WinRAR Flaw CVE-2025-8088 Weaponized by Spies

Do Son January 29, 2026

A critical vulnerability in one of the world’s most popular file archivers has become a favorite weapon...

The $40M Insider Heist: Son of Federal Contractor Investigated for Seized Crypto Theft CMDSS ZachXBT crypto theft, John Daghita U.S. Marshals investigation Bitfinex Hacker - DMM Bitcoin Cyberattack

CMDSS ZachXBT crypto theft, John Daghita U.S. Marshals investigation Bitfinex Hacker - DMM Bitcoin Cyberattack

The $40M Insider Heist: Son of Federal Contractor Investigated for Seized Crypto Theft

Do Son January 29, 2026

The United States government has amassed a colossal treasury of digital assets through the seizure of illicit...

46 Months for $37 Million: Chinese National Sentenced for Role in Cambodian Crypto Scam Ring FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

46 Months for $37 Million: Chinese National Sentenced for Role in Cambodian Crypto Scam Ring

Do Son January 28, 2026

Chinese national Jingliang Su has been sentenced to 46 months in federal prison for laundering millions of...

The “PayTool” Trap: Massive Fraud Cluster Impersonates Canada Gov & Air Canada WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

The “PayTool” Trap: Massive Fraud Cluster Impersonates Canada Gov & Air Canada

Do Son January 28, 2026

A sprawling, interconnected web of fraud clusters is aggressively targeting Canadian citizens, exploiting their reliance on digital...

Critical Alert 1 Active Exploit Detected Today