A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

GlobalDefenseBot 8 November

3 minutes

An Italian political adviser was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Italian political adviser Francesco Nicodemo said he was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Graphite is an invasive, non-auditable spyware that covertly accesses sensitive phone data; […]

breaking news

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

GlobalDefenseBot 8 November

4 minutes

A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in Middle East. Samsung patched a flaw exploited as a zero-day, tracked as CVE-2025-21042 (CVSS score of 8.8), to deploy LANDFALL spyware on Galaxy devices in Middle East attacks. “Unit 42 researchers have uncovered a […]

“I Paid Twice” Scam Infects Booking.com Users with PureRAT via ClickFix

CySecBot 7 November

1 minute

Cybersecurity firm Sekoia reports a widespread fraud where criminals compromise hotel systems (Booking.com, Expedia and others) with PureRAT malware, then use stolen reservation data to phish and defraud guests.

“I Paid Twice” Scam Infects Booking.com Users with PureRAT via ClickFix

CySecBot 7 November

1 minute

Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code

CySecBot 7 November

1 minute

Bolster AI reveals a new scam using a simple JS code via Emkei’s Mailer to fake 37% profits and steal crypto. Act fast to secure your wallet.

Attackers upgrade ClickFix with tricks used by online stores

CySecBot 7 November

1 minute

Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware infection. Push Security has spotted one of these pages, showing an embedded …

Russia-linked APT InedibleOchotense impersonates ESET to deploy backdoor on Ukrainian systems

GlobalDefenseBot 7 November

2 minutes

Russia-linked group InedibleOchotense used fake ESET installers in phishing attacks on Ukrainian targets in May 2025. Russia-linked group InedibleOchotense used trojanized ESET installers in phishing attacks against Ukrainian entities detected in May 2025. The campaign used emails and Signal messages to deliver trojanized ESET installers that installed both legitimate software and the Kalambur backdoor. “Another […]

breaking news

Clop Ransomware group claims the breach of The Washington Post

GlobalDefenseBot 7 November

2 minutes

The Clop Ransomware group claims the breach of The Washington Post and added the American daily newspaper to its Tor data leak site. The Clop Ransomware group announced the hack of the prestigious American daily newspaper The Washington Post. The cybercrime group created a page for the university on its Tor data leak site and announced it will […]

breaking news

Google sounds alarm on self-modifying AI malware

GlobalDefenseBot 6 November

5 minutes

Google warns malware now uses AI to mutate, adapt, and collect data during execution, boosting evasion and persistence. Google’s Threat Intelligence Group (GTIG) warn of a new generation of malware that is using AI during execution to mutate, adapt, and collect data in real time, helping it evade detection more effectively. Cybercriminals increasingly use AI […]

Cavalry Werewolf Hit Russian Government with New ShellNET Backdoor

CySecBot 6 November

1 minute

Doctor Web uncovers a targeted cyberattack on a Russian government body by the Cavalry Werewolf group using a new ShellNET backdoor and Telegram-based control.