Massive Cryptocurrency Mining Operation Hijacks Over 1,500 PostgreSQL Servers
A sophisticated cyberattack campaign has compromised more than 1,500 PostgreSQL database servers for illicit cryptocurrency mining. The fileless attack, attributed to threat actor JINX-0126, employs advanced evasion techniques and targets internet-exposed instances with weak security.
Advanced Phishing Platform 'Morphing Meerkat' Impersonates Over 100 Brands
A sophisticated phishing-as-a-service platform has emerged that can automatically generate convincing fake login pages by analyzing email domains. The threat actor's system, nicknamed 'Morphing Meerkat', uses DNS records and advanced evasion tactics to customize attacks across multiple languages.
VanHelsing: Cross-Platform Ransomware Service Targets Global Organizations
A sophisticated new ransomware-as-a-service called VanHelsing has emerged, targeting multiple operating systems with advanced encryption capabilities. The malware has already claimed victims across the US and France, with affiliates receiving up to 80% of ransom payments that can reach $500,000.
DollyWay Malware Campaign: The Eight-Year Evolution of a WordPress Threat
A sophisticated malware operation called DollyWay has compromised over 20,000 WordPress sites since 2016, redirecting millions of visitors to fraudulent pages. The campaign's third iteration employs advanced techniques like cryptographic signing and multiple injection methods to maintain persistence.
New Linux Backdoor 'Auto-color' Targets Academic and Government Systems
A sophisticated Linux backdoor dubbed 'Auto-color' is actively compromising universities and government institutions across North America and Asia. The stealthy malware grants attackers extensive remote access while being notably difficult to detect and remove, featuring a kill switch that hampers forensic investigations.
Massive Black Basta Ransomware Leak Exposes Criminal Empire's Inner Workings
A groundbreaking data breach has revealed over 200,000 private messages from the Black Basta ransomware group, providing unprecedented insight into their sophisticated attack methods and internal conflicts. The leak, spanning a year of communications, details the organization's methodical approach to targeting critical infrastructure and major institutions worldwide.
Malicious Steam Game 'PirateFi' Caught Stealing User Credentials and Sensitive Data
A free game on Steam was found to contain dangerous malware designed to steal passwords and sensitive information; Valve subsequently removed it. The Vidar info-stealer malware reportedly compromised hundreds of users' data, prompting urgent security measures.
North Korean Hackers Deploy Deceptive 'ClickFix' Social Engineering Tactic
Kimsuky, a sophisticated North Korean hacking group, has been observed using a new social engineering technique called 'ClickFix' to target South Korean users. The attackers trick victims into running malicious PowerShell scripts through fake browser notifications and spear-phishing campaigns.
Browser Syncjacking: The Dangerous New Chrome Attack That Hijacks Your Entire Computer
Researchers uncover 'browser syncjacking', a sophisticated cyberattack that uses malicious Chrome extensions to gain complete control of victims' devices. The attack exploits Google's browser sync feature to steal sensitive data while evading detection through legitimate-looking prompts and minimal permissions.
NGate Malware Exploits NFC Technology to Clone Payment Cards and Steal Money
A sophisticated malware campaign targeting Czech banks uses Android phones to relay NFC payment card data to attackers, enabling fraudulent ATM withdrawals. The scheme, which operated from late 2023 until a recent arrest, combines social engineering and modified open-source code to steal banking credentials and clone cards.