Cybercrime

Android Trojan ‘Fantasy Hub’ Turns Telegram into a Malware Service Hub for Hackers

A sophisticated new Android Remote Access Trojan (RAT) named “Fantasy Hub” is being marketed as Malware-as-a-Service (MaaS) on Russian-speaking Telegram channels. This malware provides attackers with comprehensive control over infected devices, posing a direct threat to both individual mobile banking users and enterprises with Bring Your Own Device (BYOD) policies. A Professionalized Cybercrime Service Fantasy […]

Android Trojan ‘Fantasy Hub’ Turns Telegram into a Malware Service Hub for Hackers Read More »

Large-Scale ClickFix Phishing Campaign Targets Hotel Systems Using PureRAT Malware

A widespread phishing operation is targeting the hospitality sector, tricking hotel staff and guests into revealing sensitive credentials and payment data. The campaign uses compromised email accounts to impersonate legitimate booking platforms, then redirects victims to ClickFix-style pages that ultimately deliver PureRAT, a modular remote access trojan. Security firms link the activity to attacks active

Large-Scale ClickFix Phishing Campaign Targets Hotel Systems Using PureRAT Malware Read More »

New Browser Security Report Highlights Emerging Enterprise Threats

A new Browser Security Report 2025 reveals a fundamental shift in the corporate threat landscape. The user’s browser has become the central hub where identity, SaaS, and AI-related risks converge. Traditional security tools, operating at a lower level, are failing to protect this new, parallel attack surface where unmanaged extensions, personal AI accounts, and stolen

New Browser Security Report Highlights Emerging Enterprise Threats Read More »

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unidentified threat actor, aligned with Russian interests, has been discovered impersonating the cybersecurity firm ESET in a sophisticated phishing campaign against Ukrainian targets. The attacks, detected in May 2025, involved distributing malicious software installers that deployed a stealthy backdoor known as Kalambur. Deceptive Phishing Lures and Communication Channels The group, tracked by ESET

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine Read More »

SonicWall Confirms State Sponsored Hackers Behind September Cloud Backup Breach

Network security giant SonicWall has officially confirmed that a sophisticated state-sponsored threat actor was responsible for a September security incident. The breach resulted in the unauthorized access of firewall configuration backup files from a specific cloud environment, though the company has assured customers that its core products and firmware remain unaffected. Isolated Breach in a

SonicWall Confirms State Sponsored Hackers Behind September Cloud Backup Breach Read More »

U.S. Imposes Sanctions on 10 North Korean Entities for Laundering $12.7 Million Through Crypto and IT Fraud

In a significant move to disrupt North Korea’s illicit financing activities, the U.S. Treasury Department has sanctioned a network of ten individuals and entities. This action targets those accused of laundering millions of dollars generated through cybercrime and a global IT worker fraud scheme, directly channeling funds into the regime’s prohibited weapons development programs. Targeting

U.S. Imposes Sanctions on 10 North Korean Entities for Laundering $12.7 Million Through Crypto and IT Fraud Read More »

Unprecedented Cybercrime Alliance: Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

A new and alarming cyber alliance has surfaced, merging three of the most infamous hacker groups — Scattered Spider, LAPSUS$, and ShinyHunters. Together, they have formed a unified collective called Scattered LAPSUS$ Hunters (SLH), signaling a new phase of organized cybercrime that blends extortion, social engineering, and brand manipulation. A New Wave of Cyber Collaboration

Unprecedented Cybercrime Alliance: Scattered Spider, LAPSUS$, and ShinyHunters Join Forces Read More »

Europol and Eurojust Dismantle 600 Million Euro Crypto Fraud Network in Global Operation

In a major international law enforcement operation, nine individuals have been arrested for their alleged roles in a sophisticated cryptocurrency money laundering network that defrauded victims of an estimated €600 million (approximately $688 million). The coordinated takedown highlights the global fight against increasingly professionalized crypto-enabled financial crimes. A Coordinated Cross-Border Takedown The operation, which took place between

Europol and Eurojust Dismantle 600 Million Euro Crypto Fraud Network in Global Operation Read More »

Operation SkyCloak Uses Tor-Enabled OpenSSH Backdoor to Target Defense Organizations

A sophisticated cyber espionage campaign, dubbed Operation SkyCloak, is using weaponized phishing emails to deploy a highly stealthy backdoor on target systems. The malware establishes persistent remote access by combining a customized OpenSSH server with a Tor hidden service, creating a covert channel that is extremely difficult to trace. The Lure: Phishing with Military Documents The

Operation SkyCloak Uses Tor-Enabled OpenSSH Backdoor to Target Defense Organizations Read More »

U.S. Prosecutors Charge Cybersecurity Insiders for Involvement in BlackCat Ransomware Attacks

In a case that blurs the line between defender and attacker, U.S. federal prosecutors have charged three individuals, including two cybersecurity professionals, for their alleged involvement in a series of BlackCat (ALPHV) ransomware attacks targeting American companies. The accused allegedly exploited their industry positions to carry out and negotiate extortion schemes. The Accused: From Threat

U.S. Prosecutors Charge Cybersecurity Insiders for Involvement in BlackCat Ransomware Attacks Read More »