Cybercriminals Archives • Page 27 of 34 • Daily CyberSecurity

EvilConwi: Hackers Abuse Signed ConnectWise Installers to Launch Stealth Remote Access Attacks abuse

EvilConwi: Hackers Abuse Signed ConnectWise Installers to Launch Stealth Remote Access Attacks

Do Son June 24, 2025

Threat actors have begun weaponizing legitimately signed ConnectWise ScreenConnect installers, hijacking the trust of signed software to...

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks CVE-2024-3393 - Zservers sanctions

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks

Do Son June 24, 2025

A new report from EnkiWhiteHat has unveiled a sophisticated cyber espionage operation that leverages GitHub private repositories,...

CoinTelegraph Hacked: Fake CTG Airdrop Scam Steals Crypto Via Malicious Pop-Ups CoinTelegraph Hack, Crypto Scam

CoinTelegraph Hacked: Fake CTG Airdrop Scam Steals Crypto Via Malicious Pop-Ups

Do Son June 23, 2025

The prominent cryptocurrency news platform CoinTelegraph fell victim to a cyberattack on June 22, 2025, at 22:41...

CoinMarketCap Hacked: “Doodle” Graphic Delivers Malware, Stealing $43K+ from User Wallets CoinMarketCap Hack, Inferno Drainer CVE-2024-53677 PoC Exploit

CoinMarketCap Hack, Inferno Drainer CVE-2024-53677 PoC Exploit

CoinMarketCap Hacked: “Doodle” Graphic Delivers Malware, Stealing $43K+ from User Wallets

Do Son June 23, 2025

On June 20, 2025, CoinMarketCap (CMC)—a trusted name in the crypto ecosystem—fell victim to a highly coordinated...

Cloudflare Mitigates Record 7.3 Tbps DDoS Attack: 37.4 TB in 45 Seconds Cloudflare DDoS, Record Attack

Cloudflare Mitigates Record 7.3 Tbps DDoS Attack: 37.4 TB in 45 Seconds

Do Son June 23, 2025

According to an announcement from internet services provider Cloudflare, the company successfully mitigated a massive DDoS (Distributed...

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign! Shadow Vector, RAT Malware

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign!

Do Son June 23, 2025

The Acronis Threat Research Unit (TRU) has uncovered a stealthy and technically mature malware campaign dubbed Shadow...

Crypto Tax Scam Sweeps Europe: Fake Government Sites Drain Wallets Via Seed Phrase Theft & Malicious Web3

Do Son June 21, 2025

A new and deeply deceptive crypto scam is making waves across Europe, targeting unsuspecting users by impersonating...

Search Hijacking: Cybercriminals Turn Google Ads into Tech Support Scam Portals Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Search Hijacking: Cybercriminals Turn Google Ads into Tech Support Scam Portals

Do Son June 21, 2025

Malwarebytes has revealed how cybercriminals are leveraging fake Google search results to impersonate popular brands and trick...

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

SERPENTINE#CLOUD: Stealthy Malware Campaign Leverages Cloudflare Tunnels for In-Memory RAT Delivery

Do Son June 20, 2025

A newly uncovered malicious campaign, dubbed SERPENTINE#CLOUD, leverages Cloudflare Tunnel subdomains to deliver payloads via phishing email...

Banana Squad Strikes Again: 60+ GitHub Repositories Trojanized in New Software Supply Chain Attack

Do Son June 20, 2025

A newly uncovered software supply chain campaign by the threat group Banana Squad has compromised more than...

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals North Korean APT, PylangGhost

PylangGhost: North Korean APT Deploys Python-Based RAT to Target Crypto Professionals

Do Son June 20, 2025

Recently, Cisco Talos unveiled a new Python-based remote access trojan (RAT) dubbed PylangGhost, used exclusively by a...

Tor Meets Docker: Sophisticated Crypto-Mining Campaign Hijacks Misconfigured APIs

Do Son June 19, 2025

Trend Micro researchers have uncovered a stealthy new attack method that fuses misconfigured Docker remote APIs with...

MySQL Servers Under Attack: Threat Actors Exploiting UDFs to Inject Gh0stRAT, XWorm & Zoho Agents MySQL Attacks, UDF Exploitation pREST, SQL injection

MySQL Attacks, UDF Exploitation pREST, SQL injection

MySQL Servers Under Attack: Threat Actors Exploiting UDFs to Inject Gh0stRAT, XWorm & Zoho Agents

Do Son June 19, 2025

Threat actors are ramping up attacks on poorly managed MySQL servers, particularly those running in Windows environments,...

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware Fake captcha

Elastic Uncovers Stealthy Campaign Using GHOSTPULSE and ARECHCLIENT2 Malware

Do Son June 19, 2025

Elastic Security Labs has revealed a highly sophisticated multi-stage attack chain exploiting a social engineering method dubbed...

Water Curse: GitHub Supply Chain Attack Spreads Malware via Fake Tools, Targets Devs & Gamers

Do Son June 17, 2025

In a sweeping campaign that blends social engineering with software subversion, a newly identified threat actor dubbed...

GrayAlpha’s Expanding Arsenal: FIN7-Aligned Threat Actor Deploys Custom Loaders to Spread NetSupport RAT

Do Son June 17, 2025

A newly uncovered campaign by threat actor GrayAlpha, which overlaps with the infamous FIN7 cybercrime syndicate, reveals...

Google Play Store Alert: New Phishing Apps Bypass Security, Stealing Crypto Wallet Seeds Crypto Phishing Apps, Google Play Store

Google Play Store Alert: New Phishing Apps Bypass Security, Stealing Crypto Wallet Seeds

Do Son June 16, 2025

Both the Apple App Store and Google Play Store are frequently found to host malicious applications, despite...

Obscure VBScript “sostener.vbs” Unmasked: Fuels Multi-Stage RAT Delivery, Linked to Blind Eagle APT

Do Son June 16, 2025

In a deeply revealing investigation, Censys researchers have uncovered a web of malicious infrastructure revolving around a...

VexTrio Exposed: Infoblox Uncovers Massive Malicious Adtech Ecosystem Powering Global Malware VexTrio, Malicious Adtech

VexTrio Exposed: Infoblox Uncovers Massive Malicious Adtech Ecosystem Powering Global Malware

Do Son June 16, 2025

When Infoblox researchers set out to disrupt the notorious Traffic Distribution System (TDS) known as VexTrio, they...

Discord Invite System Hijacked: Expired Links Now Lead to Crypto-Stealing Malware

Do Son June 15, 2025

In the latest expose from Check Point Research, Discord’s once-trusted invite system has been turned against its...

Critical Alert 1 Active Exploit Detected Today