Operation Endgame: Dutch Police Arrest Alleged AVCheck Operator
Dutch police arrest the alleged AVCheck operator at Schiphol as part of Operation Endgame, a global effort targeting malware services and cybercrime.
A ransomware attack disrupted operations at South Korean conglomerate Kyowon
South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business interests spanning education, publishing, media, and technology. It operates nationwide, serving millions of customers through its various subsidiaries and brands. The company is a significant player in […]
GhostPoster Browser Malware Hid for 5 Years With 840,000 Installs
Researchers uncover a 5-year malware campaign using browser extensions on Chrome, Firefox and Edge, relying on hidden payloads and shared infrastructure.
New CastleLoader Variant Linked to 469 Infections Across Critical Sectors
ANY.RUN report reveals how the new CastleLoader malware targets US government agencies using stealthy ClickFix tricks and memory-based attacks to bypass security.
Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers
Lumen’s Black Lotus Labs blocked over 550 C2 servers tied to the AISURU/Kimwolf botnet used for DDoS attacks and proxy abuse. Lumen’s Black Lotus Labs disrupted over 550 command-and-control servers linked to the AISURU and Kimwolf botnet, a major network used for DDoS attacks and proxy abuse. Acting as a DDoS-for-hire service, Aisuru avoids government […]
CERT-UA reports PLUGGYAPE cyberattacks on defense forces
CERT-UA reported PLUGGYAPE malware attacks on Ukraine’s defense forces, linked with medium confidence to Russia’s Void Blizzard group. The Computer Emergency Response Team of Ukraine (CERT-UA) reported new cyberattacks against Ukraine’s defense forces using PLUGGYAPE malware. Government experts attributed the attack with medium confidence to the Russian-linked group Void Blizzard (aka Laundry Bear, UAC-0190), active […]
New China Linked VoidLink Linux Malware Targets Major Cloud Providers
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden.
GoBruteforcer Botnet Targeting Crypto, Blockchain Projects
The botnet’s propagation is fueled by the AI-generated server deployments that use weak credentials, and legacy web stacks.
The post GoBruteforcer Botnet Targeting Crypto, Blockchain Projects appeared first on SecurityWeek.
Dutch court convicts hacker who exploited port networks for drug trafficking
Dutch appeals court jails a 44-year-old hacker for 7 years for hacking port systems to help smuggle cocaine through European logistics hubs. A Dutch appeals court sentenced a 44-year-old hacker to seven years in prison for hacking port systems to help smuggle cocaine through European logistics hubs into the Netherlands. The appeals court reduced the […]
Widespread Magecart Campaign Targets Users of All Major Credit Cards
Researchers at Silent Push have exposed a global Magecart campaign stealing credit card data since 2022. Learn how this invisible web-skimming attack targets major networks like Mastercard and Amex, and how to stay safe.