13.5M Device Botnet Drives 2 Tbps DDoS Attacks on FinTech, Qrator Finds
A new Qrator Labs report reveals that the largest DDoS botnet has grown to 13.5 million devices, and…
cyber attacks
Active HanGhost Loader Campaign Targets Enterprise Payment and Logistics Workflows
Active HanGhost Loader campaign targets enterprise payment and logistics workflows with fileless attacks, multi-stage execution, and stealthy malware delivery.
Booking.com Confirms Data Breach as Hackers Access Customer Details
Booking.com confirms a data breach exposing customer details to hackers. No payment data accessed, but users face risk of targeted phishing scams now!
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK.
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.
ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.
UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign
UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data.
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours.
North Korean Hackers Pose as Trading Firm to Steal $285M from Drift
North Korean hackers (UNC4736) posed as a trading firm for six months to infiltrate Drift Protocol, using social engineering tactics to steal $285M without suspicion.
UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles
North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.