Cybercriminals Archives • Page 16 of 34 • Daily CyberSecurity

Beast Ransomware Emerges as New RaaS Threat, Using ChaCha20 and Stealthy VSS Deletion Beast RaaS, ChaCha20 Stealth

Beast Ransomware Emerges as New RaaS Threat, Using ChaCha20 and Stealthy VSS Deletion

Do Son October 29, 2025

Researchers at the AhnLab Security Intelligence Center (ASEC) have released an in-depth analysis of the Beast ransomware...

Qilin RaaS Expands Global Impact: 40+ Victims/Month, Cyberduck Abuse, and WDigest Credential Theft Qilin RaaS, Cyberduck Credential Theft

Qilin RaaS Expands Global Impact: 40+ Victims/Month, Cyberduck Abuse, and WDigest Credential Theft

Do Son October 28, 2025

In its latest analysis covering the second half of 2025, researchers from Cisco Talos have revealed that...

Google Exposes UNC6229 “Fake Career” Campaign Hacking Advertising Accounts with Fake Job Lures UNC6229 Fake Career, Advertising Account Hack

Google Exposes UNC6229 “Fake Career” Campaign Hacking Advertising Accounts with Fake Job Lures

Do Son October 27, 2025

Google’s Threat Intelligence Group (GTIG) has exposed an ongoing social engineering campaign operated by a financially motivated...

Smishing Triad Uncovered: 194,000+ Malicious Domains Power Global Phishing-as-a-Service Campaign

Do Son October 27, 2025

Researchers from Palo Alto Networks’ Unit 42 have uncovered a massive, fast-evolving smishing campaign tied to a...

Jingle Thief Cybercrime Gang Steals Hundreds of Thousands in Gift Card Fraud via Microsoft 365 Identity Abuse Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Jingle Thief Cybercrime Gang Steals Hundreds of Thousands in Gift Card Fraud via Microsoft 365 Identity Abuse

Do Son October 24, 2025

Palo Alto Networks’ Unit 42 has published an in-depth analysis of a financially motivated cyber campaign dubbed...

Scattered LAPSUS$ Hunters Pivot to EaaS, Launch Insider Recruitment Campaign After Salesforce Extortion

Do Son October 22, 2025

Researchers at Palo Alto Networks’ Unit 42 have observed a surge in activity from Scattered LAPSUS$ Hunters...

UNC5142 Uses EtherHiding to Deploy Malware via BNB Smart Chain Smart Contracts UNC5142 EtherHiding, Resilient C2

UNC5142 Uses EtherHiding to Deploy Malware via BNB Smart Chain Smart Contracts

Do Son October 20, 2025

A new joint analysis by Mandiant Threat Defense and Google Threat Intelligence Group (GTIG) has exposed a...

131 Chrome Extensions Found Abusing WhatsApp Web for Spam Automation in Massive Reseller Scheme WhatsApp Spamware, Chrome Web Store Abuse

131 Chrome Extensions Found Abusing WhatsApp Web for Spam Automation in Massive Reseller Scheme

Do Son October 20, 2025

A new analysis from Socket has exposed a large-scale spamware operation abusing Google’s Chrome Web Store and...

Operation Silk Lure: Chinese Espionage Targets FinTech with Malicious Resume LNK to Implant ValleyRAT Operation Silk Lure, ValleyRAT LNK

Operation Silk Lure: Chinese Espionage Targets FinTech with Malicious Resume LNK to Implant ValleyRAT

Do Son October 17, 2025

Researchers at Seqrite Labs have uncovered a highly targeted cyber-espionage campaign, dubbed Operation Silk Lure, that leverages...

Qilin Ransomware’s Resilience Exposed: Bulletproof Hosting Network Underpins Asahi Group Holdings Attack Qilin Bulletproof Hosting, Asahi Group Ransomware

Qilin Bulletproof Hosting, Asahi Group Ransomware

Qilin Ransomware’s Resilience Exposed: Bulletproof Hosting Network Underpins Asahi Group Holdings Attack

Do Son October 17, 2025

A new report from Resecurity’s HUNTER unit has exposed the global web of bulletproof hosting (BPH) providers...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Operation Zero Disco: Critical Cisco SNMP Flaw (CVE-2025-20352) Used to Implant Linux Rootkits on Switches

Do Son October 16, 2025

Security researchers from Trend Research have uncovered a sophisticated campaign — dubbed “Operation Zero Disco” — in...

DOJ Files Record $15 Billion Bitcoin Seizure Against Prince Group Chairman Over Pig Butchering Scams Prince Group Indictment, $15 Billion Bitcoin Seizure

Prince Group Indictment, $15 Billion Bitcoin Seizure

DOJ Files Record $15 Billion Bitcoin Seizure Against Prince Group Chairman Over Pig Butchering Scams

Do Son October 15, 2025

The U.S. Department of Justice (DOJ) has unsealed an indictment against Chen Zhi, also known as Vincent,...

Fully Autonomous Cybercrime: TA585 Uses ClickFix Phishing and Own Infrastructure to Deploy Premium MonsterV2 RAT TA585 Autonomous, MonsterV2 RAT

Fully Autonomous Cybercrime: TA585 Uses ClickFix Phishing and Own Infrastructure to Deploy Premium MonsterV2 RAT

Do Son October 15, 2025

Proofpoint has identified a new and highly self-reliant cybercriminal threat actor, tracked as TA585, which operates with...

Hacker Alliance Demands Ransom: Scattered LAPSUS$ Hunters Claim 1 Billion Records Stolen from Salesforce Salesforce Extortion, Scattered LAPSUS$ Hunters

Salesforce Extortion, Scattered LAPSUS$ Hunters

Hacker Alliance Demands Ransom: Scattered LAPSUS$ Hunters Claim 1 Billion Records Stolen from Salesforce

Do Son October 14, 2025

A newly formed cybercrime consortium known as Scattered Lapsus$ Hunters (SLSH) — also dubbed the “Trinity of...

Payroll Piracy: Hackers Storm-2657 Exploit MFA Flaws to Hijack University Salary Payments via Workday Payroll Piracy, Workday Phishing

Payroll Piracy: Hackers Storm-2657 Exploit MFA Flaws to Hijack University Salary Payments via Workday

Do Son October 13, 2025

Microsoft Threat Intelligence has issued a warning about a financially motivated campaign conducted by a threat actor...

Homebrew Spoofing: Fake Installer Sites Use Clipboard Injection to Compromise macOS Developers Homebrew Spoofing, Clipboard Injection

Homebrew Spoofing: Fake Installer Sites Use Clipboard Injection to Compromise macOS Developers

Do Son October 13, 2025

Researchers from Kandji’s Threat Intelligence team uncovered a malware campaign targeting macOS users through spoofed Homebrew installer...

Cryptocurrency Drain Conspiracy: Single Alibaba Server Hosts Multi-Vector Scams, Hijacking Wallets via Fake Trust Wallet and MobileConfig Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Cryptocurrency Drain Conspiracy: Single Alibaba Server Hosts Multi-Vector Scams, Hijacking Wallets via Fake Trust Wallet and MobileConfig

Do Son October 13, 2025

DomainTools Threat Intelligence has exposed a sprawling cybercrime operation that uses a single infrastructure to power multiple...

Beamglea Campaign: Hackers Abuse 175 npm Packages and unpkg CDN for Large-Scale Phishing npm Phishing, Beamglea

Beamglea Campaign: Hackers Abuse 175 npm Packages and unpkg CDN for Large-Scale Phishing

Do Son October 11, 2025

Socket’s Threat Research Team has uncovered a massive supply-chain abuse campaign leveraging npm’s public registry and unpkg.com’s...

CL0P Extortion: Google/Mandiant Expose Zero-Day RCE in Oracle E-Business Suite (CVE-2025-61882)

Do Son October 10, 2025

Google Threat Intelligence Group (GTIG) and Mandiant have jointly disclosed an extensive data theft and extortion campaign...

DFIR Tool Hijacked: Ransomware Group Storm-2603 Abuses Velociraptor for Stealthy LockBit/Babuk Attacks INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

DFIR Tool Hijacked: Ransomware Group Storm-2603 Abuses Velociraptor for Stealthy LockBit/Babuk Attacks

Do Son October 10, 2025

Cisco Talos has confirmed that ransomware operators are now abusing Velociraptor, an open-source digital forensics and incident...

Critical Alert 1 Active Exploit Detected Today