Cybercrime

U.S. Imposes Sanctions on 10 North Korean Entities for Laundering $12.7 Million Through Crypto and IT Fraud

In a significant move to disrupt North Korea’s illicit financing activities, the U.S. Treasury Department has sanctioned a network of ten individuals and entities. This action targets those accused of laundering millions of dollars generated through cybercrime and a global IT worker fraud scheme, directly channeling funds into the regime’s prohibited weapons development programs. Targeting […]

Unprecedented Cybercrime Alliance: Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

A new and alarming cyber alliance has surfaced, merging three of the most infamous hacker groups — Scattered Spider, LAPSUS$, and ShinyHunters. Together, they have formed a unified collective called Scattered LAPSUS$ Hunters (SLH), signaling a new phase of organized cybercrime that blends extortion, social engineering, and brand manipulation. A New Wave of Cyber Collaboration

Europol and Eurojust Dismantle 600 Million Euro Crypto Fraud Network in Global Operation

In a major international law enforcement operation, nine individuals have been arrested for their alleged roles in a sophisticated cryptocurrency money laundering network that defrauded victims of an estimated €600 million (approximately $688 million). The coordinated takedown highlights the global fight against increasingly professionalized crypto-enabled financial crimes. A Coordinated Cross-Border Takedown The operation, which took place between

Operation SkyCloak Uses Tor-Enabled OpenSSH Backdoor to Target Defense Organizations

A sophisticated cyber espionage campaign, dubbed Operation SkyCloak, is using weaponized phishing emails to deploy a highly stealthy backdoor on target systems. The malware establishes persistent remote access by combining a customized OpenSSH server with a Tor hidden service, creating a covert channel that is extremely difficult to trace. The Lure: Phishing with Military Documents The

U.S. Prosecutors Charge Cybersecurity Insiders for Involvement in BlackCat Ransomware Attacks

In a case that blurs the line between defender and attacker, U.S. federal prosecutors have charged three individuals, including two cybersecurity professionals, for their alleged involvement in a series of BlackCat (ALPHV) ransomware attacks targeting American companies. The accused allegedly exploited their industry positions to carry out and negotiate extortion schemes. The Accused: From Threat

New Business Email Protection Method Blocks Phishing Attack Behind NPM Breach

A highly sophisticated phishing campaign successfully targeted high-profile developers on the NPM registry in September 2025, leading to one of the most significant supply chain attacks in its history. The attackers combined convincing social engineering with technical precision to steal credentials and inject malicious code into widely used packages, ultimately aiming to hijack cryptocurrency transactions.

Researchers Discover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Information

Cybersecurity researchers have exposed two sophisticated Android trojans, BankBot-YNRK and DeliveryRAT, which are actively stealing sensitive financial information from users worldwide. These malware families employ advanced evasion techniques and abuse core phone functionalities to commit fraud and data theft on a significant scale. BankBot-YNRK: A Highly Evasive Banking Trojan Analyzed by CYFIRMA, BankBot-YNRK is a dangerous malware

Cybercriminals Abuse Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

A financially motivated threat cluster is systematically targeting trucking and logistics companies, weaponizing common Remote Monitoring and Management (RMM) software to infiltrate their networks. The ultimate goal of these attacks is to hijack freight operations and steal high-value physical cargo, particularly food and beverage products. The Campaign’s Objective: Cargo Theft via Digital Intrusion According to

Russian Ransomware Groups Weaponize Open-Source AdaptixC2 for Advanced Attacks

A powerful open-source command-and-control (C2) framework named AdaptixC2 is rapidly being adopted by a wide range of cybercriminals, with strong links to Russian ransomware operations. This trend highlights the ongoing weaponization of legitimate security tools by threat actors to conduct more advanced and evasive attacks. What is AdaptixC2? AdaptixC2 is an emerging, extensible post-exploitation framework

Nation-State Hackers Use New Airstalk Malware in Suspected Supply Chain Attack

A sophisticated threat actor, believed to be state-sponsored, has been discovered using a previously unknown malware family dubbed “Airstalk” in a suspected software supply chain attack. The malware uniquely abuses a legitimate enterprise mobile device management (MDM) API to establish a covert communication channel with its operators. The Attacker and the Malware’s Core Deception Tracked
