New Phishing Campaign Uses DBatLoader to Drop Remcos RAT: What Analysts Need to Know
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Cyber Attack
Adidas Confirms Cyber Attack, Customer Data Stolen
Adidas confirms cyber attack compromising customer data, joining other major retailers targeted by advanced threats and rising cybersecurity risks.
WordPress TI WooCommerce Wishlist Plugin Flaw Puts Over 100,000 Websites at Risk of Cyberattack
A severe security flaw has been identified in the TI WooCommerce Wishlist plugin, a widely used WordPress extension with over 100,000 active installations. This plugin enables WooCommerce store owners to integrate wishlist functionality into their onli…
Hackers Use Fake OneNote Login to Capture Office365 and Outlook Credentials
A recent investigation by security analysts has uncovered a persistent phishing campaign targeting Italian and U.S. users, utilizing a chain of free cloud platforms and Telegram bots for credential harvesting and data exfiltration. The attack typically…
Iranian Cybergroup Toufan Targets Organizations to Steal Login Credentials
A pro-Palestinian cybergroup called Cyber Toufan, which means “cyber storm,” has become a serious threat to Israeli groups in the changing digital battlefield of the Israel-Gaza war. Over the past year, this ideologically driven group has o…
Velvet Chollima APTHackers Target Government Officials Using Weaponized PDFs
The DPRK-linked Velvet Chollima Advanced Persistent Threat (APT) group has launched a sophisticated cyberattack campaign targeting South Korean government officials, as well as NGOs, government agencies, and media organizations across North America, So…
Adidas Customer Information Compromised Through Third-Party Vendor
German sportswear giant Adidas has confirmed a data breach after cybercriminals accessed customer data through a third-party customer service provider. The breach, disclosed on May 23, 2025, did not involve sensitive information such as passwords or pa…
Everest Ransomware Leaks Coca-Cola Employee Data Online
Everest ransomware leaks Coca-Cola employee data: 1,104 files exposed, including HR, admin roles, IDs, personal details, and internal records.
Chinese Hackers Exploit Cityworks 0-Day to Hit US Local Governments
Cisco Talos warns of active exploitation of a zero-day vulnerability (CVE-2025-0994) in Cityworks supposedly by Chinese hackers from…
Nova Scotia Power Suffers Ransomware Attack; 280,000 Customers’ Data Compromised
Nova Scotia Power, the largest electricity provider in the province, confirmed on Friday, May 23, 2025, that it has been the victim of a sophisticated ransomware attack. The breach, first detected on April 25, was later traced back to March 19, when th…