Cybercriminals Archives • Page 22 of 34 • Daily CyberSecurity

Click-to-Compromise: PowerShell-Only RAT Campaign Targets Israeli Organizations PowerShell Phishing

Click-to-Compromise: PowerShell-Only RAT Campaign Targets Israeli Organizations

Do Son August 13, 2025

The FortiMail Workspace Security team has uncovered a targeted intrusion campaign against multiple Israeli organizations, exploiting compromised...

PoisonSeed’s MFA-Resistant Phishing Kit Exposed: A Deep Dive into Precision-Validated Credential Theft

Do Son August 13, 2025

A new NVISO investigation has revealed the inner workings of PoisonSeed, a sophisticated threat actor whose tactics...

GreedyBear Unmasked: How Stealthy Firefox Extensions and Fake Sites Stole $1M in Crypto GreedyBear, Cryptocurrency Theft

GreedyBear Unmasked: How Stealthy Firefox Extensions and Fake Sites Stole $1M in Crypto

Do Son August 11, 2025

Koi Security’s research team has unveiled GreedyBear, a threat group orchestrating industrial-scale cryptocurrency theft through a seamless...

ScarCruft APT Deploys VCD Ransomware, Uses PubNub & New Malware in Espionage Campaign North Korea APT, PubNub Abuse

ScarCruft APT Deploys VCD Ransomware, Uses PubNub & New Malware in Espionage Campaign

Do Son August 11, 2025

S2W’s Threat Analysis and Intelligence Center (TALON) has uncovered a sophisticated malware campaign attributed to the North...

Raksha Bandhan Scams Surge in India: Phishing, Fake Stores, and Virtual Sibling Cons Target Festival Shoppers Raksha Bandhan Scams, Phishing Campaigns

Raksha Bandhan Scams, Phishing Campaigns

Raksha Bandhan Scams Surge in India: Phishing, Fake Stores, and Virtual Sibling Cons Target Festival Shoppers

Do Son August 9, 2025

As families across India prepare to celebrate Raksha Bandhan, cybercriminals are also gearing up — not with...

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking Bittensor Typosquatting, Crypto Scam

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking

Do Son August 8, 2025

GitLab’s Vulnerability Research team has exposed a sophisticated cryptocurrency theft campaign targeting the Bittensor decentralized AI network...

The Billion-Dollar Smishing Empire: How Chinese Syndicates Are Hacking Apple & Google Wallets Smishing, Digital Wallet Fraud

The Billion-Dollar Smishing Empire: How Chinese Syndicates Are Hacking Apple & Google Wallets

Do Son August 8, 2025

A sweeping investigation by Security Alliance has uncovered a vast, evolving cybercriminal infrastructure driven by Chinese-speaking smishing...

Google Admits Salesforce Breach, Joins Chanel & Allianz on ShinyHunters Victim List

Do Son August 7, 2025

A recent surge of persistent attacks targeting Salesforce CRM customer management systems has emerged—not due to vulnerabilities...

The AK47 Project: New Report Ties Storm-2603 to LockBit and Warlock Ransomware, SharePoint Exploits

Do Son August 7, 2025

In a revelation, Unit 42 has exposed a financially motivated cyber threat actor cluster, dubbed CL-CRI-1040, with...

From Bing Search to Ransomware in <44 Hours: Bumblebee Loader Deploys Destructive Akira Ransomware via SEO Poisoning Bumblebee Malware, Akira Ransomware

From Bing Search to Ransomware in <44 Hours: Bumblebee Loader Deploys Destructive Akira Ransomware via SEO Poisoning

Do Son August 6, 2025

In a reminder that even a Google or Bing search can be the first step in a...

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military

Do Son August 6, 2025

A new threat analysis by Kyaw Pyiyt Htet, a CREST-certified Threat Intelligence Analyst, has revealed the inner...

The Fake Crypto Bot Scam: How Smart Contracts & AI Videos Are Stealing Millions on YouTube Crypto Scam, Executive Fraud business email compromise scam

Crypto Scam, Executive Fraud business email compromise scam

The Fake Crypto Bot Scam: How Smart Contracts & AI Videos Are Stealing Millions on YouTube

Do Son August 6, 2025

SentinelLABS has detailed a coordinated wave of cryptocurrency scams weaponizing malicious smart contracts promoted as arbitrage trading...

The AI Phishing Trap: Zscaler Exposes Fake Brazilian Government Websites Generated by AI to Steal Payments

Do Son August 6, 2025

Zscaler’s ThreatLabz has uncovered a phishing campaign that leverages generative AI to construct high-fidelity replicas of Brazilian...

APT36 Targets Indian Government with Sophisticated Phishing, Bypassing MFA with Real-Time OTP Harvest APT36, Indian Government Phishing

APT36 Targets Indian Government with Sophisticated Phishing, Bypassing MFA with Real-Time OTP Harvest

Do Son August 5, 2025

A new report by CYFIRMA has uncovered a meticulously crafted phishing campaign attributed to APT36 (Transparent Tribe),...

Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets

Do Son August 5, 2025

Veracode Threat Research has released an update on an ongoing North Korean cyber-espionage campaign that is actively...

Kimsuky APT Escalates Cyberespionage with Stealthy LNK Files & Reflective Malware Payloads Kimsuky APT, Cyberespionage

Kimsuky APT Escalates Cyberespionage with Stealthy LNK Files & Reflective Malware Payloads

Do Son August 5, 2025

A new report from Aryaka Threat Research Labs has disclosured one of the most technically sophisticated and...

ShadowSyndicate’s Global Ransomware Empire Blurs Lines Between Cybercrime and Geopolitical Espionage ShadowSyndicate, Ransomware-as-a-Service

ShadowSyndicate, Ransomware-as-a-Service

ShadowSyndicate’s Global Ransomware Empire Blurs Lines Between Cybercrime and Geopolitical Espionage

Do Son August 4, 2025

In a recent investigation, cybersecurity firm Intrinsec has illuminated the sprawling infrastructure of ShadowSyndicate, a clandestine threat...

Storm-2603: Chinese APT Deploys Warlock & LockBit with AK47C2 Framework Antivirus Terminator supported arguments when run without parameters

Storm-2603: Chinese APT Deploys Warlock & LockBit with AK47C2 Framework

Do Son August 4, 2025

Check Point Research (CPR) has detailed a previously undocumented Chinese-affiliated threat actor—Storm-2603—linked to aggressive campaigns exploiting Microsoft...

The Ultimate Insider Threat: How North Korean IT Workers Infiltrated the Global Remote Economy North Korea Espionage, Disguised IT Workers

The Ultimate Insider Threat: How North Korean IT Workers Infiltrated the Global Remote Economy

Do Son August 2, 2025

In an expose, DomainTools has peeled back the curtain on one of the most sophisticated and economically...

The OAuth Phishing Trap: Proofpoint Exposes AiTM Attacks That Bypass MFA to Hijack Cloud Accounts Fake Microsoft landing page, capturing MFA

The OAuth Phishing Trap: Proofpoint Exposes AiTM Attacks That Bypass MFA to Hijack Cloud Accounts

Do Son August 2, 2025

Proofpoint has revealed a persistent wave of adversary-in-the-middle (AiTM) phishing campaigns that exploit Microsoft OAuth applications to...

Critical Alert 1 Active Exploit Detected Today