Cyber Security

Brazilian LofyGang Returns After Three Years With Minecraft-Based LofyStealer Campaign

A Brazil-linked cybercrime group has resurfaced after more than three years, launching a fresh malware campaign aimed at Minecraft players. The operation introduces a new information-stealing tool known as LofyStealer, also referred to as GrabBot. Malware Disguised as a Minecraft Tool: According to findings from ZenoX, the malware is distributed under the guise of a Minecraft […]


Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Fuel Global SMS and Crypto Fraud

Security researchers have identified an extensive telecommunications fraud operation deploying deceptive verification techniques to deceive mobile phone users into sending premium-rate international text messages, generating substantial illegal revenue for criminals controlling the receiving phone numbers. Cybersecurity firm Infoblox published comprehensive analysis revealing a telecommunications revenue-share fraud campaign involving elaborate social engineering tactics combined with malicious


Mirai Variant Nexcorium Exploits CVE-2024-3721 to Take Over TBK DVRs for DDoS Botnet Operations

Cybersecurity researchers have uncovered a new wave of attacks where threat actors are exploiting vulnerabilities in TBK digital video recorders and outdated TP-Link routers to deploy a powerful Mirai-based botnet. The findings were reported by Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. Exploitation of TBK DVR Devices: The attack specifically targets TBK DVR systems by abusing CVE-2024-3721,


Obsidian Plugin Exploitation Spreads PHANTOMPULSE RAT in Targeted Finance and Crypto Attacks

A newly identified cyber campaign has revealed how attackers are exploiting trusted software tools to infiltrate high-value targets. Security researchers have uncovered a sophisticated operation that abuses the popular note-taking application Obsidian to distribute a previously unknown remote access trojan called PHANTOMPULSE RAT. The attacks are primarily aimed at individuals working in financial services and cryptocurrency sectors, where


UAC-0247 Launches Data-Theft Malware Campaign Against Ukrainian Clinics and Government Entities

A newly uncovered cyber espionage operation has raised concerns after Ukraine’s national cybersecurity authority, Computer Emergency Response Team of Ukraine, revealed a coordinated malware campaign aimed at government institutions and healthcare facilities. The attacks primarily focus on clinics and emergency hospitals, with the objective of stealing highly sensitive data. Attack Timeline and Threat Actor Profile: Security


n8n Webhooks Exploited Since October 2025 to Spread Malware Through Phishing Emails

Cybersecurity specialists have identified a significant vulnerability in how workflow automation platforms are being weaponized by criminal organizations. Since the latter part of 2025, malicious actors have systematically exploited n8n—a widely-used cloud-based process automation solution—to conduct elaborate phishing schemes and deploy harmful software. Researchers from Cisco’s threat intelligence division documented the concerning trend in a


Microsoft Releases Security Updates Fixing SharePoint Zero-Day and 168 Additional Vulnerabilities

Microsoft has released its latest Patch Tuesday security updates, addressing a total of 169 vulnerabilities across its software ecosystem. Among these is a zero-day vulnerability in SharePoint Server that is currently being exploited in real-world attacks. Breakdown of Vulnerabilities: Out of the 169 identified flaws, a large portion of these issues, around 93 vulnerabilities, are related to privilege escalation. Other


Anthropic’s Claude Mythos Uncovers Thousands of Zero-Day Vulnerabilities Across Major Systems

Artificial intelligence company Anthropic has introduced a new cybersecurity initiative called Project Glasswing, powered by an advanced preview model known as Claude Mythos. The program aims to strengthen global software security by identifying and fixing critical vulnerabilities before they can be exploited. The initiative will involve collaboration with major technology and security organizations, including Amazon


AitM Phishing Attack Targets TikTok Business Accounts by Bypassing Cloudflare Turnstile Security

Cybersecurity researchers have uncovered a sophisticated phishing campaign designed to compromise TikTok for Business accounts using advanced adversary-in-the-middle (AitM) techniques. The operation, identified by Push Security, highlights how attackers are evolving their tactics to bypass modern security defenses. Business Accounts Become High-Value Targets: Accounts linked to social media platforms are increasingly attractive to cybercriminals. Once compromised,


LeakBase Administrator Arrested in Russia Over Massive Stolen Credential Marketplace

Russian authorities have arrested the alleged administrator of the LeakBase cybercrime forum, a platform known for trading stolen personal and corporate data, state media reported. Details of the Arrest: According to TASS and MVD Media, the suspect, a resident of Taganrog, was detained for creating and managing a criminal website that allowed stolen databases to be bought and sold since
