Hackers Clone Ghidra, dnSpy and Other Tool Sites to Spread Malware
Hackers are cloning Ghidra, dnSpy, ILSpy and other free tool sites to spread Malware like RemusStealer, crypto clippers and loaders through fake downloads.
Cyber Attack
Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites
Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing.
Instagram Recovery Tool Bug Exposed 20,225 Accounts to Password Reset Abuse
Meta says an Instagram recovery tool bug allowed attackers to abuse password resets, affecting 20,225 accounts and exposing users without 2FA to account takeover risk.
Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account
32 Red Hat npm packages compromised by Miasma malware expose cloud tokens, CI/CD secrets and developer credentials in supply chain attack.
Atlas Menu Data Breach Exposes 64,000 GTA V and CS2 Cheat Service Users
Atlas Menu Data Breach exposes 64,000 GTA V and CS2 cheat service users, leaking emails, IPs, support tickets and hashed passwords.
iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil
iFood confirms a data breach affecting 1.2 million customers in Brazil, while hackers on BreachForums claim the actual theft is much larger.
Lazarus Group Uses npm Brandjacking Campaign to Target Developers
North Korean Lazarus Group targets npm developers with brandjacking packages that mimic trusted tools, drop malware and put credentials at risk.
China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware
Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits themed malware campaigns.
Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft
Alcasec, the “Robin Hood of Spanish Hackers,” is jailed for 31 months after admitting to stealing and selling Spanish citizens’ banking data.
Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware
Fake ChatGPT desktop app ads pushed password-stealing malware by abusing trusted AI links, hiding from scanners, and tricking users into downloads.