A coordinated international law enforcement operation successfully dismantled SocksEscort, a massive malicious residential proxy network. Led by the U.S. Justice Department alongside several European allies, the operation disrupted a sophisticated inf…
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor […]
Law enforcement agencies in the US and Europe targeted the cybercrime service that has impacted 360,000 devices since 2020.
The post Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet appeared first on SecurityWeek.
European and US agencies dismantled the SocksEscort proxy network built on infected routers and used by cybercriminals in global fraud schemes.
Researchers have discovered PixRevolution, a new Android banking trojan targeting Brazil’s PIX system. Unlike automated scams, this malware uses live operators to watch your screen and divert funds instantly.
The 2024 incident was initially linked to China, but an infostealer infection has now revealed North Korean involvement.
The post Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea appeared first on SecurityWeek.
Bell Ambulance confirms a February 2025 breach affecting 238,000 people, exposing personal, financial, and health information. Nearly 238,000 individuals are impacted by a February 2025 Bell Ambulance data breach. Bell Ambulance is a U.S.-based emergency medical services provider offering ambulance transport, paramedic care, and patient support. It serves communities with urgent medical response, interfacility transfers, […]
BeatBanker Android malware spreads through fake Starlink apps on websites imitating Google Play Store, hijacking devices, stealing credentials, and mining crypto. A new Android malware called BeatBanker spreads through fake Starlink apps distributed on websites posing as the Google Play Store. Once installed, it hijacks devices, steals login credentials, tampers with cryptocurrency transactions, and secretly […]
BeatBanker Android Trojan spreads via fake Google Play Store pages, using a silent audio loop to stay active while stealing crypto, banking data, and login credentials.
Aryaka researchers have identified a new threat from a Russian-speaking group using ‘BlackSanta’ malware. By disguising attacks as job applications, hackers are bypassing security to target recruitment workflows.