14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data
ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data.
Scam
GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware
A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…
New PyStoreRAT Malware Targets OSINT Researchers Through GitHub
A new malware called PyStoreRAT is being through fake OSINT tools on GitHub targeting IT and OSINT pros. Read Morphisec’s report detailing how it uses AI and evades security.
Scammers Sent 40,000 E-Signature Phishing Emails to 6,000 Firms in Just 2 Weeks
Phishing campaign: Scammers sent over 40,000 spoofed SharePoint, DocuSign and e-sign emails to companies, hiding malicious links behind trusted redirect services.
Torrent for DiCaprio’s “One Battle After Another” Movie Drops Agent Tesla
Bitdefender researchers warn that the torrent for Leonardo DiCaprio’s One Battle After Another is a trap deploying Agent Tesla malware. Learn how the fileless LOTL attack targets unsuspecting Windows users.
The Dark Web Economy Behind Ad Fraud: What Marketers Don’t See
Ad fraud networks use bots, deepfakes and spoofed traffic to drain PPC budgets. This report shows how fake clicks distort performance data.
Police Dismantle EUR 700 Million Crypto Scam That Used Deepfakes
Europol and Eurojust led a massive international police operation that successfully dismantled a crypto fraud network that laundered over €700M using deepfake ads.
SimpleX Chat X Account Hacked, Fake Site Promotes Crypto Wallet Scam
SimpleX Chat’s X account hacked to promote fake crypto site urging users to connect wallets. Site mimicked official design to steal funds.
Over 70 Domains Used in Months-Long Phishing Spree Against US Universities
Infoblox Threat Intel reports a campaign that used the Evilginx phishing kit to bypass Multi-Factor Authentication (MFA) and steal credentials from 18 US universities between April and November 2025.
Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders
Cleafy analysis reveals Albiriox, a new Android Malware-as-a-Service (MaaS) RAT that targets over 400 global banking and crypto apps. Learn how ODF fraud enables full device takeover.