Cybercriminals Archives • Page 28 of 34 • Daily CyberSecurity

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727) SimpleHelp RMM, Ransomware

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727)

Do Son June 13, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with its federal partners, has issued a high-priority...

TeamFiltration Weaponized: UNK_SneakyStrike Campaign Targets 80,000+ Microsoft Entra ID Accounts

Do Son June 13, 2025

According to a new report by Proofpoint, attackers are now actively exploiting the TeamFiltration penetration testing framework...

DeepSeek-R1 Chatbot Lure: BrowserVenom Malware Spreads via Google Ads, Hijacking Your Browser Traffic BrowserVenom, DeepSeek-R1

DeepSeek-R1 Chatbot Lure: BrowserVenom Malware Spreads via Google Ads, Hijacking Your Browser Traffic

Do Son June 13, 2025

The growing popularity of large language models (LLMs) has given rise to new and highly targeted malware...

HelloTDS Unmasked: Covert Traffic System Funnels Millions to FakeCaptcha Malware!

Do Son June 13, 2025

A complex and evasive infrastructure dubbed HelloTDS is silently steering millions of internet users into the clutches...

Warning: Don’t Blindly Click “Unsubscribe” Links! It Could Be a Cybersecurity Trap Unsubscribe Links, Cybersecurity

Warning: Don’t Blindly Click “Unsubscribe” Links! It Could Be a Cybersecurity Trap

Do Son June 12, 2025

Ordinarily, when we receive commercial advertisements or spam emails, it becomes second nature to click the “unsubscribe”...

Interpol & Asian Agencies Dismantle Major Malware Infrastructure: 20,000 Malicious IPs Blocked Malware Takedown, Interpol

Interpol & Asian Agencies Dismantle Major Malware Infrastructure: 20,000 Malicious IPs Blocked

Do Son June 12, 2025

Interpol recently disclosed the success of a coordinated operation targeting information-stealing malware, carried out in collaboration with...

MFA Bypass Alert: AitM Phishing Surges with Industrialized PhaaS Kits Targeting Microsoft 365 & Google Accounts!

Do Son June 12, 2025

A new global threat assessment from Sekoia.io’s Threat Detection & Research (TDR) team reveals an escalation in...

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse The credential harvesting window used by the Java RAT

The credential harvesting window used by the Java RAT

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse

Do Son June 12, 2025

Rapid7’s latest threat intelligence report shines a spotlight on the evolving tactics of threat actors formerly affiliated...

“GhostVendors”: Thousands of Fake Domains Exploit Facebook Ads in Massive Retail Scam

Do Son June 11, 2025

Cyber threat analysts at Silent Push have uncovered a sprawling digital fraud operation dubbed “GhostVendors”, a fake...

International Crackdown: Indian Authorities Dismantle Tech Support Scam Ring Targeting Elderly Tech Support Scams

International Crackdown: Indian Authorities Dismantle Tech Support Scam Ring Targeting Elderly

Do Son June 10, 2025

A surge of tech support scams targeting the elderly has recently become alarmingly rampant. These fraudulent operations...

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns China-nexus, Cyber-espionage

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Do Son June 10, 2025

SentinelLABS has unveiled an extensive report detailing a wave of cyber-espionage activity that directly targeted SentinelOne and...

Librarian Ghouls APT: The Threat Actor Turning Legitimate Tools into a Cybercrime Toolkit

Do Son June 10, 2025

A stealthy Advanced Persistent Threat (APT) group tracked as Librarian Ghouls—also known by aliases Rare Werewolf and...

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps

Do Son June 6, 2025

Google Threat Intelligence Group (GTIG) has sounded the alarm on UNC6040, a financially motivated threat cluster waging...

Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware! Sakura RAT, Hacker Malware

Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware!

Do Son June 5, 2025

In a recent deep dive, Sophos X-Ops uncovered a sophisticated campaign that’s not targeting enterprises or governments,...

IBM X-Force Uncovers Hive0131’s Sophisticated DCRat Campaign Targeting Colombian Users

Do Son June 5, 2025

In early May 2025, IBM X-Force researchers observed an active phishing campaign targeting Colombian users with fake...

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

AI Interface Hijacked: Open WebUI Exploited for Cryptominers and Stealthy AI Malware

Do Son June 4, 2025

The Sysdig Threat Research Team (TRT) has uncovered a malicious campaign exploiting a misconfigured Open WebUI instance—an...

Cyber Giants Unite: Microsoft, Google, & Others Push for Unified Hacker Group Naming Threat Actor Naming, Cyber Threat Intelligence

Cyber Giants Unite: Microsoft, Google, & Others Push for Unified Hacker Group Naming

Do Son June 3, 2025

In light of the longstanding confusion caused by differing nomenclature used by nations and organizations to describe...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

BitoPro Silent on $11.5M Hack: Investigator Uncovers Massive Crypto Theft

Do Son June 3, 2025

Cryptocurrency investigator @zachxbt, while analyzing on-chain transactions, uncovered a suspicious movement of funds linked to the Taiwanese...

Haozi Returns: The Phishing-as-a-Service Platform Making Cybercrime Easy Haozi Phishing, PhaaS

Haozi Returns: The Phishing-as-a-Service Platform Making Cybercrime Easy

Do Son June 3, 2025

A new report from Netcraft has exposed the alarming return of Haozi, a Chinese-language Phishing-as-a-Service (PhaaS) platform...

Glitch Platform Abused: Phishing Campaigns Circumvent MFA and Target Credit Unions Glitch Phishing, MFA Bypass

Glitch Platform Abused: Phishing Campaigns Circumvent MFA and Target Credit Unions

Do Son June 3, 2025

From January to April 2025, Netskope Threat Labs uncovered a significant spike in phishing campaigns abusing the...

Critical Alert 1 Active Exploit Detected Today