Chinese-Linked HiatusRAT Malware Targets Security Cameras in Global Cyber Campaign
The FBI warns of an expanding malware operation targeting IoT devices, particularly security cameras and DVRs from Chinese manufacturers. The HiatusRAT campaign, potentially linked to Chinese state interests, exploits vulnerabilities across multiple countries while focusing on defense-related intelligence gathering.
Massive Malvertising Campaign Spreads Lumma Malware Through Fake CAPTCHA Scam
Cybercriminals have launched a sophisticated attack reaching millions of users through compromised ad networks, using fake CAPTCHA verification pages to distribute the Lumma information stealer. The campaign generates over 1 million daily ad impressions across 3,000+ websites, targeting sensitive data like banking credentials and personal files.
Hackers Turn the Tables: 390,000 WordPress Credentials Stolen in Supply Chain Attack
A sophisticated hacking group dubbed MUT-1244 executed a year-long campaign targeting cybercriminals and researchers through trojanized software tools. The attackers successfully stole over 390,000 WordPress credentials along with other sensitive data using deceptive GitHub repositories and infected npm packages.
HeartCrypt: The $20 Malware Service Making Cyber Attacks More Accessible
A new malware packing service called HeartCrypt has emerged, allowing criminals to hide malicious code in legitimate-looking software for just $20. The service's sophisticated concealment techniques and growing adoption by cybercriminals highlight evolving threats in the cybersecurity landscape.
China's EagleMsgSpy: Sophisticated Android Surveillance Tool Exposed
Researchers have uncovered a powerful spyware tool used by Chinese law enforcement to collect extensive data from Android devices since 2017. The surveillance system, developed by Wuhan Chinasoft Token Information Technology, can capture everything from call logs to real-time screen recordings.
Krispy Kreme's Online Ordering Hit by Cyberattack, Disrupting Digital Sales
Popular doughnut chain Krispy Kreme faces operational disruptions after detecting an unauthorized system breach affecting its U.S. online ordering platforms. While physical stores remain open, the company acknowledges potential material impact as it works with cybersecurity experts to investigate and restore services.
ZLoader Returns: New Variant Uses DNS Tunneling to Evade Detection
A sophisticated new variant of ZLoader malware has emerged with enhanced stealth capabilities, using DNS tunneling to mask command-and-control communications. The version 2.9.4.0 update introduces an interactive shell and custom protocols, a concerning evolution for the malware after a two-year hiatus.
AI Library Ultralytics Hit by Crypto Mining Malware in Supply Chain Attack
Security researchers uncovered cryptocurrency mining malware embedded in two versions of the popular Ultralytics AI library on PyPI. The sophisticated attack exploited GitHub Actions to inject malicious code, prompting urgent calls for users to upgrade to the latest secure version.
Russian Hackers Deploy Advanced Evasion Tactics Using Cloudflare to Target Ukraine
Russian state-linked group Gamaredon adopts sophisticated concealment methods, leveraging Cloudflare Tunnels and DNS fast-flux to deliver GammaDrop malware through spear-phishing attacks. The campaign specifically targets Ukrainian organizations while employing legitimate services to evade detection.
Cybercriminals Exploit Corrupted Files to Bypass Security in Sophisticated Phishing Campaign
A new phishing campaign discovered by ANY.RUN researchers uses deliberately damaged Office documents and ZIP files to evade antivirus detection. The attack leverages built-in file recovery features to deliver malicious QR codes while remaining undetectable to security tools.