The PipeMagic malware, which is credited to the financially motivated threat actor Storm-2460, is a remarkable illustration of how cyber dangers are always changing. It poses as the genuine open-source ChatGPT Desktop Application from GitHub. This soph…
Microsoft warns that a fake ChatGPT desktop app was used to deliver PipeMagic malware, linked to ransomware attacks…
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage a Microsoft Help Index File (.mshi) to deploy the PipeMagic backdoor, marking a notable evolution in malware delivery methods. This development ties into the…
Morphisec warns of a new Noodlophile Stealer variant spread via fake copyright phishing emails, using Dropbox links and…
Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property infringement, Morphisec researchers have warned. The campaign The emails, ostensibly se…
Phrack Magazine’s latest issue #72 has unveiled a significant data leak from a suspected North Korean hacking operation, including exploit tactics, compromised system details, and a sophisticated Linux rootkit. The dump, linked to a Chinese threa…
DoJ seized $2.8M in crypto from Ianis Antropenko, indicted in Texas and tied to the defunct Zeppelin ransomware. The U.S. Department of Justice (DoJ) seized more than $2.8 million in cryptocurrency from Ianis Aleksandrovich Antropenko. Antropenko was allegedly involved in now defunct Zeppelin ransomware operation (2019 – 2022), he also laundered proceeds via ChipMixer and structured […]
WarLock ransomware hit Colt Telecom, causing outages in hosting, porting, Colt Online, and Voice API since August 12. UK-based Colt Technology Services suffered a cyberattack, reportedly caused by WarLock ransomware, resulting in multi-day outages for hosting, porting, Colt Online, and Voice API services. Colt, officially known as Colt Technology Services Group Limited, is a multinational […]
A seller named Chucky_BF is offering 15.8M PayPal logins with emails, passwords, and URLs. The data may come…
AshES Cybersecurity has disclosed a severe zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) software that transforms the security tool into a weapon against the systems it’s designed to protect. The flaw, found in t…