Cybercriminals Archives • Page 18 of 34 • Daily CyberSecurity

New Malware Found in npm Package “fezbox” Uses QR Codes to Steal Credentials GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

New Malware Found in npm Package “fezbox” Uses QR Codes to Steal Credentials

Do Son September 23, 2025

The Socket Threat Research Team has uncovered a new malware campaign hiding inside an npm package called...

Kawa4096: A New Ransomware Group with Akira-Style Branding and Qilin-Like Notes CVE-2024-22394

Kawa4096: A New Ransomware Group with Akira-Style Branding and Qilin-Like Notes

Do Son September 23, 2025

In June 2025, a new ransomware group known as Kawa4096 surfaced, launching disruptive attacks against multinational organizations...

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users LastPass, macOS infostealer

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users

Do Son September 22, 2025

The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team has issued a warning about an ongoing infostealer...

BlackLock Ransomware: A New Cross-Platform Threat Spreading Rapidly

Do Son September 22, 2025

The AhnLab Security Intelligence Center (ASEC) has released a detailed analysis of BlackLock, a relatively new ransomware...

The Database Was the Door: A Ransomware Attack Began with an Exposed Oracle Serve Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

The Database Was the Door: A Ransomware Attack Began with an Exposed Oracle Serve

Do Son September 22, 2025

Yarix’s Incident Response Team (YIR) has published an in-depth analysis of a targeted intrusion that leveraged an...

DOJ Charges UK National Linked to Scattered Spider in $115M Cyber Extortion Scheme Romanian hacker sentenced identity theft conviction Pig-Butchering Crackdown Operation Level Up Oleksandr Didenko North Korean IT Workers Coinbase TaskUs insider breach, Hyderabad police Coinbase arrest Scattered Spider, Cybercrime Scattered Spider group

Romanian hacker sentenced identity theft conviction Pig-Butchering Crackdown Operation Level Up Oleksandr Didenko North Korean IT Workers Coinbase TaskUs insider breach, Hyderabad police Coinbase arrest Scattered Spider, Cybercrime Scattered Spider group

DOJ Charges UK National Linked to Scattered Spider in $115M Cyber Extortion Scheme

Do Son September 19, 2025

The U.S. Department of Justice (DOJ) has unsealed a criminal complaint charging Thalha Jubair, a 19-year-old United...

ShinyHunters Expands With AI-Powered Vishing, Supply Chain Intrusions, and Insider Recruitment Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

Open VSX Malware String-Fragment Reconstruction DarkCloud Stealer, steganography APT 35 Charming Kitten cyclops

ShinyHunters Expands With AI-Powered Vishing, Supply Chain Intrusions, and Insider Recruitment

Do Son September 19, 2025

ShinyHunters, one of the most notorious financially motivated eCrime groups, is broadening its arsenal with AI-driven social...

Microsoft Dismantles RaccoonO365 Phishing Service

Do Son September 18, 2025

Microsoft’s Digital Crimes Unit (DCU) has dismantled the infrastructure behind RaccoonO365, one of the fastest-growing phishing kit...

BreachForums Founder Resentenced to Three Years in Prison for Cybercrime AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

BreachForums Founder Resentenced to Three Years in Prison for Cybercrime

Do Son September 17, 2025

The U.S. Department of Justice (DOJ) announced the resentencing of Conor Brian Fitzpatrick, 22, of Peekskill, New...

RevengeHotels Strikes Back: AI-Generated Phishing and a New RAT Target Hotels RevengeHotels, Hospitality Cybercrime

RevengeHotels Strikes Back: AI-Generated Phishing and a New RAT Target Hotels

Do Son September 17, 2025

The long-running cybercrime group RevengeHotels—also tracked as TA558—has resurfaced with a new campaign targeting hotels and the...

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages supply-chain-attack

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages

Do Son September 17, 2025

The malicious supply chain campaign dubbed “Shai-Hulud” has struck again, this time compromising multiple npm packages published...

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

PureHVNC RAT: Inside the HVNC Malware and the PureCoder Ecosystem

Do Son September 17, 2025

A recent forensic investigation by Check Point Research (CPR) has shed light on the Pure malware family,...

A Digital Trojan Horse: A New Campaign Is Using SEO to Deliver Malware SEO poisoning, Hiddengh0st

A Digital Trojan Horse: A New Campaign Is Using SEO to Deliver Malware

Do Son September 16, 2025

Researchers at FortiGuard Labs have uncovered a sophisticated SEO poisoning campaign aimed at Chinese-speaking users. By manipulating...

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years BaoLoader, code-signing abuse

Unveiling BaoLoader: How One Malware Family Abuses Trust for 7 Years

Do Son September 15, 2025

Expel researchers have lifted the veil on a long-running malware operation abusing the global trust model of...

Phishing Wave Hits U.S. Energy Giants: Chevron, ConocoPhillips Targeted Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Phishing Wave Hits U.S. Energy Giants: Chevron, ConocoPhillips Targeted

Do Son September 15, 2025

The U.S. energy industry has become a prime target for large-scale phishing operations in 2025, according to...

Unveiling VoidProxy: The Phishing-as-a-Service That Bypasses MFA VoidProxy Phishing

Unveiling VoidProxy: The Phishing-as-a-Service That Bypasses MFA

Do Son September 12, 2025

Okta Threat Intelligence has published a detailed analysis of VoidProxy, a previously unreported Phishing-as-a-Service (PhaaS) platform that...

Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Winos 4.0 Malware Silver Fox APT RapperBot BVIEC cyberattack - CNC group DAMASCENED PEACOCK, malware analysis

Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise

Do Son September 11, 2025

Researchers at Palo Alto Networks’ Unit 42 have published a report detailing the rise of AdaptixC2, an...

KillSec Ransomware Strikes Brazilian Healthcare Provider, Exposing Patient Data

Do Son September 11, 2025

Resecurity has reported that KillSec ransomware has targeted MedicSolution, a key healthcare software provider in Brazil, compromising...

Unsealed Indictment Exposes Mastermind Behind Notorious Ransomware Gangs WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware