Cybercrime

North Korean Hackers Abuse JSON Services to Deliver Malware Covertly

Researchers have uncovered that North Korean threat actors behind the Contagious Interview campaign are increasingly leveraging JSON storage services to host and deploy malicious payloads. These platforms allow attackers to operate covertly while blending in with normal traffic. Tactics and Techniques According to NVISO researchers Bart Parys, Stef Collart, and Efstratios Lontzetidis, the actors now […]


Fake Chrome Extension Safery Steals Ethereum Wallet Seed Phrases via Sui Blockchain

Cybersecurity researchers have discovered a malicious Chrome extension masquerading as a legitimate Ethereum wallet that secretly steals users’ seed phrases through an advanced blockchain-based exfiltration technique. The extension, named “Safery: Ethereum Wallet,” was falsely promoted as a secure Ethereum wallet for managing cryptocurrency with customizable settings. It was first uploaded to the Chrome Web Store


CISA Warns of Critical WatchGuard Fireware Vulnerability Exposing 54,000 Fireboxes to Unauthenticated Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert, adding a severe vulnerability found in WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. The flaw, tracked as CVE-2025-9242 with a CVSS score of 9.3, is an out-of-bounds write vulnerability affecting the following Fireware


Google Files Lawsuit Against China-Based Hackers Operating $1 Billion Lighthouse Phishing Network

Google has filed a civil suit in the U.S. District Court for the Southern District of New York against China-based operators of a large Phishing-as-a-Service platform called Lighthouse, alleging the network has ensnared over 1 million victims across 120 countries and generated more than $1 billion in illicit revenue over three years. The complaint seeks


WhatsApp ‘Maverick’ Malware Hijacks Browser Sessions to Target Brazil’s Biggest Banks

Cybersecurity researchers have uncovered a sophisticated banking malware campaign in Brazil involving a new threat called Maverick, which spreads via WhatsApp and targets banking users by hijacking browser sessions. The campaign shows strong links to a prior malware strain known as Coyote, though Maverick exhibits new propagation and remote control techniques. How Maverick Spreads Maverick


Android Trojan ‘Fantasy Hub’ Turns Telegram into a Malware Service Hub for Hackers

A sophisticated new Android Remote Access Trojan (RAT) named “Fantasy Hub” is being marketed as Malware-as-a-Service (MaaS) on Russian-speaking Telegram channels. This malware provides attackers with comprehensive control over infected devices, posing a direct threat to both individual mobile banking users and enterprises with Bring Your Own Device (BYOD) policies. A Professionalized Cybercrime Service Fantasy


Large-Scale ClickFix Phishing Campaign Targets Hotel Systems Using PureRAT Malware

A widespread phishing operation is targeting the hospitality sector, tricking hotel staff and guests into revealing sensitive credentials and payment data. The campaign uses compromised email accounts to impersonate legitimate booking platforms, then redirects victims to ClickFix-style pages that ultimately deliver PureRAT, a modular remote access trojan. Security firms link the activity to attacks active


New Browser Security Report Highlights Emerging Enterprise Threats

A new Browser Security Report 2025 reveals a fundamental shift in the corporate threat landscape. The user’s browser has become the central hub where identity, SaaS, and AI-related risks converge. Traditional security tools, operating at a lower level, are failing to protect this new, parallel attack surface where unmanaged extensions, personal AI accounts, and stolen


Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unidentified threat actor, aligned with Russian interests, has been discovered impersonating the cybersecurity firm ESET in a sophisticated phishing campaign against Ukrainian targets. The attacks, detected in May 2025, involved distributing malicious software installers that deployed a stealthy backdoor known as Kalambur. Deceptive Phishing Lures and Communication Channels The group, tracked by ESET


SonicWall Confirms State Sponsored Hackers Behind September Cloud Backup Breach

Network security giant SonicWall has officially confirmed that a sophisticated state-sponsored threat actor was responsible for a September security incident. The breach resulted in the unauthorized access of firewall configuration backup files from a specific cloud environment, though the company has assured customers that its core products and firmware remain unaffected. Isolated Breach in a
