Cyber Security

U.S. DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams

The U.S. Department of Justice announced the seizure of approximately 61 million dollars in Tether connected to large-scale cryptocurrency fraud operations commonly referred to as pig butchering scams. Authorities stated that the confiscated digital assets were traced to wallet addresses used to launder proceeds stolen from victims of fraudulent crypto investment schemes. Federal investigators […]


Over 900 Sangoma FreePBX Instances Compromised in Active Web Shell Attacks

More than 900 internet-facing FreePBX systems from Sangoma Technologies remain compromised with web shells following exploitation of a serious command injection vulnerability, according to findings released by Shadowserver Foundation. The large-scale compromise began in December 2025 and continues to impact organizations worldwide. Of the affected instances, 401 are located in the United States, 51 in Brazil,


Malicious Go Crypto Module Steals Passwords and Installs Rekoobe Backdoor

Cybersecurity researchers have uncovered a harmful Go programming module that impersonates a trusted cryptography library while secretly stealing passwords and deploying a Linux backdoor known as Rekoobe. The rogue package, published under the path github[.]com/xinfeisoft/crypto, mimics the legitimate Go cryptography repository golang.org/x/crypto. However, instead of providing safe cryptographic utilities, it embeds hidden functionality designed to intercept sensitive


ScarCruft Uses Zoho WorkDrive and USB Malware to Infiltrate Air Gapped Networks

The North Korean threat group known as ScarCruft has been linked to a sophisticated cyber espionage campaign that leverages cloud storage services and removable media to infiltrate even isolated environments. Security researchers at Zscaler ThreatLabz have named the operation Ruby Jumper. The campaign, uncovered in December 2025, introduces several new malware families designed to conduct surveillance, move laterally across


Trojanized Gaming Tools Distribute Java Based RAT Through Browsers and Chat Platforms

Cybersecurity researchers are warning that attackers are disguising malicious software as popular gaming utilities to infect unsuspecting users. The campaign relies on browser downloads and chat platform sharing to deliver a Java-based remote access trojan, enabling full control over compromised systems. According to the Microsoft Threat Intelligence team, the infection process begins with a malicious downloader


Meta Files Lawsuits Against Brazil, China, and Vietnam Advertisers Over Celebrity Bait Scams

Meta has announced a sweeping legal campaign aimed at disrupting fraudulent advertising operations running across its platforms. The company confirmed it has filed lawsuits against advertisers located in Brazil, China, and Vietnam who allegedly orchestrated large-scale celebrity bait scams and deceptive ad schemes. According to Meta, the enforcement action includes suspending payment methods, shutting down related advertising accounts,


Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Avoid Takedown

Cybersecurity researchers have uncovered a sophisticated botnet loader named Aeternum C2 that leverages blockchain technology to maintain a resilient and takedown-resistant command-and-control infrastructure. Instead of relying on conventional domains or centralized servers, the malware stores encrypted instructions directly on the Polygon blockchain. According to research published by Qrator Labs, this strategy enables


Google Disrupts UNC2814 GRIDTIDE Campaign Following 53 Breaches in 42 Countries

Google has announced a coordinated effort with industry partners to dismantle the infrastructure of a suspected China-linked cyber espionage group identified as UNC2814. The campaign is confirmed to have compromised at least 53 organizations across 42 countries, making it one of the most extensive cyber espionage operations uncovered in recent years. According to a


Claude Code Vulnerabilities Enable Remote Code Execution and API Key Theft

Cybersecurity researchers have revealed several critical security flaws in Anthropic’s Claude Code, an AI-driven coding assistant, which could allow attackers to execute remote code and steal API credentials. Check Point researchers Aviv Donenfeld and Oded Vanunu reported, “These vulnerabilities exploit multiple configuration points, including Hooks, Model Context Protocol (MCP) servers, and environment variables. Attackers can


SLH Offers $500 to $1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

The cybercrime collective Scattered LAPSUS$ Hunters (SLH) has been reported recruiting women to execute voice phishing (vishing) attacks against IT help desks. According to Dataminr, the group is offering $500–$1,000 per call and supplying pre-written scripts to maximize the chances of success. The initiative reflects a shift in social engineering tactics, leveraging the assumption that female voices may
