Cybercriminals Archives • Page 17 of 34 • Daily CyberSecurity

Zero-Download Malware: New Cache Smuggling Phishing Attack Delivers Payload via Browser Cache DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

Zero-Download Malware: New Cache Smuggling Phishing Attack Delivers Payload via Browser Cache

Do Son October 10, 2025

Security researchers from Expel have discovered a new phishing campaign that creatively blends social engineering with browser...

ClickFix Phishing: New Automated Kits Trick Users Into Manually Running Malware and Stealers Acreed Infostealer, BNB Smart Chain CVE-2023-20269 exploit

Acreed Infostealer, BNB Smart Chain CVE-2023-20269 exploit

ClickFix Phishing: New Automated Kits Trick Users Into Manually Running Malware and Stealers

Do Son October 10, 2025

Researchers from Palo Alto Networks Unit 42 have discovered a new phishing trend where attackers trick victims...

Huntress Uncovers Log Poisoning Campaign Linking Nezha and Ghost RAT in Widespread Asian Cyber Intrusions Nezha Web Compromise, Log Poisoning

Huntress Uncovers Log Poisoning Campaign Linking Nezha and Ghost RAT in Widespread Asian Cyber Intrusions

Do Son October 10, 2025

Huntress researchers have unveiled a new and highly creative intrusion technique that combines log poisoning, AntSword web...

Microsoft Warns: Threat Actors Turn Microsoft Teams into a Weapon for Ransomware, Espionage, and Social Engineering Teams Attack Vector, Entra ID Abuse

Microsoft Warns: Threat Actors Turn Microsoft Teams into a Weapon for Ransomware, Espionage, and Social Engineering

Do Son October 9, 2025

Microsoft Threat Intelligence has released an extensive report detailing how both cybercriminals and state-sponsored actors are weaponizing...

Crimson Collective APT Uses Leaked IAM Keys to Hijack AWS Accounts for Data Theft

Do Son October 9, 2025

Security researchers at Rapid7 have identified a newly emerging cybercriminal group known as Crimson Collective, which has...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil

Do Son October 6, 2025

A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one...

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Ransomware Gangs Weaponize AnyDesk, Splashtop, and Other Legitimate RATs to Bypass Security

Do Son October 4, 2025

Ransomware groups are increasingly turning to legitimate Remote Access Tools (RATs) such as AnyDesk, UltraViewer, RustDesk, Splashtop,...

UAT-8099: Chinese Group Uses BadIIS Malware on Compromised Servers for SEO Fraud and Credential Theft TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

UAT-8099: Chinese Group Uses BadIIS Malware on Compromised Servers for SEO Fraud and Credential Theft

Do Son October 3, 2025

Cisco Talos researchers have detailed the activities of UAT-8099, a Chinese-speaking cybercrime group leveraging compromised Microsoft IIS...

Detour Dog: Stealthy DNS Malware Uses TXT Records for Command and Control NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Detour Dog: Stealthy DNS Malware Uses TXT Records for Command and Control

Do Son October 2, 2025

The Infoblox Threat Intelligence team has released an in-depth report on a global malware campaign leveraging the...

Russian-Speaking Lunar Spider Group Launches New Ransomware Wave with Latrodectus V2 Loader Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Sandworm Tactical Pivot, Edge Device Misconfiguration Russian cyber firms, Kremlin ties Sandworm MAX messenger

Russian-Speaking Lunar Spider Group Launches New Ransomware Wave with Latrodectus V2 Loader

Do Son October 2, 2025

The NVISO Cyber Security Incident Response Team (CSIRT) has released new findings exposing the latest campaign by...

Hackers Hijack Industrial Cellular Routers to Launch Widespread Smishing Campaigns Across Europe CVE-2020-3259 Router Smishing, Grooza Cluster

CVE-2020-3259 Router Smishing, Grooza Cluster

Hackers Hijack Industrial Cellular Routers to Launch Widespread Smishing Campaigns Across Europe

Do Son October 1, 2025

A new report from Sekoia.io’s Threat Detection & Research (TDR) team reveals how attackers are weaponizing industrial...

Rent-a-Domain: Report Details How APTs and Cybercriminals Abuse DDNS Services for Malicious Infrastructure NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Rent-a-Domain: Report Details How APTs and Cybercriminals Abuse DDNS Services for Malicious Infrastructure

Do Son September 30, 2025

A new analysis from Silent Push Threat Analysts highlights the growing misuse of publicly rentable subdomain providers,...

New Phishing Campaign Impersonates Ukrainian Police to Deliver Amatera Stealer and PureMiner SVG Phishing, Ukraine Malware

New Phishing Campaign Impersonates Ukrainian Police to Deliver Amatera Stealer and PureMiner

Do Son September 29, 2025

FortiGuard Labs recently observed a phishing campaign impersonating Ukrainian government agencies, designed to deliver multiple malware payloads...

DarkCloud Stealer Evolves: New VB6 Obfuscation and Crypto Wallet Theft Make Malware More Dangerous Than Ever Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

DarkCloud Stealer Evolves: New VB6 Obfuscation and Crypto Wallet Theft Make Malware More Dangerous Than Ever

Do Son September 29, 2025

Recently, eSentire’s Threat Response Unit (TRU) identified a spear-phishing campaign targeting a manufacturing client that attempted to...

Trinity of Chaos: How LAPSUS$, Scattered Spider, and ShinyHunters Forged a Cybercrime Alliance WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Trinity of Chaos: How LAPSUS$, Scattered Spider, and ShinyHunters Forged a Cybercrime Alliance

Do Son September 29, 2025

A new report from Resecurity sheds light on the growing convergence between three of the most notorious...

AI vs. AI: Microsoft Blocks Phishing Attack Using LLM-Generated Obfuscated Code AI-Obfuscation, SVG Phishing

AI vs. AI: Microsoft Blocks Phishing Attack Using LLM-Generated Obfuscated Code

Do Son September 26, 2025

Microsoft Threat Intelligence has revealed details of a credential phishing campaign that likely harnessed AI-generated code to...

LNK Stomping: Attackers Bypass Windows Security by Stripping the ‘Mark of the Web’ LNK Stomping, MoTW Bypass

LNK Stomping: Attackers Bypass Windows Security by Stripping the ‘Mark of the Web’

Do Son September 26, 2025

Windows shortcut files (.LNK) were designed to simplify user navigation, but for years, they’ve been a favorite...

New Phishing Campaign Targets PyPI Maintainers with Fake Domain Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

New Phishing Campaign Targets PyPI Maintainers with Fake Domain

Do Son September 25, 2025

The Python Package Index (PyPI) is once again the target of a phishing campaign aimed at maintainers,...

Secret Service Busts Covert Telecom Network Capable of Crippling NYC IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

Secret Service Busts Covert Telecom Network Capable of Crippling NYC

Do Son September 25, 2025

The U.S. Secret Service announced it has dismantled a sprawling telecommunications threat network across the New York...

Operation Rewrite: How a Malicious IIS Module Is Hijacking Websites Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Operation Rewrite: How a Malicious IIS Module Is Hijacking Websites

Do Son September 23, 2025

Researchers at Unit 42 uncovered a large-scale search engine optimization (SEO) poisoning campaign, tracked as CL-UNK-1037 and...

Critical Alert 1 Active Exploit Detected Today