When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal

A recent campaign orchestrated by the EncryptHub threat group combines social engineering tactics with exploitation of CVE-2025-26633 to deliver malicious payloads. Attackers impersonate Brave Support to deceive users.

Cybercriminals Exploit Low-Cost Initial Access Broker Market

The most common initial access vectors included VPN accounts (23.5%), domain user accounts (19.9%), and Remote Desktop Protocol (RDP) (16.7%). Such access enables threat actors to perform lateral movement, defense evasion, and data exfiltration.

Research reveals possible privacy gaps in Apple Intelligence’s data handling

Findings indicate that Siri and related services may transmit sensitive user data to Apple servers beyond what is disclosed in Apple’s privacy policies, raising questions about user consent, data handling transparency, and more.

North Korean cyber-espionage group ScarCruft adds ransomware in recent attack

ScarCruft, a North Korean state-sponsored cyber-espionage group, has taken the unusual step of deploying a new ransomware named VCD in its latest campaign. ScarCruft used phishing emails with malicious archive attachments to gain initial access.

Encryption Made for Police and Military Radios May Be Easily Cracked

Researchers have uncovered critical vulnerabilities in end-to-end encryption (E2EE) used in TETRA-based radios, which are widely deployed by police, military, and intelligence agencies globally.

Leak Reveals the Workaday Lives of North Korean IT Scammers

A newly leaked trove of data has exposed the inner workings of North Korea’s covert IT worker operations, revealing how the regime systematically places skilled developers in remote jobs worldwide to generate revenue for its weapons programs.

Exploring the Top Cyber Threats Facing Agentic AI Systems

Context corruption is the most critical threat to agentic AI systems. LLMs are unreliable at distinguishing between legitimate and malicious instructions. Attackers can inject malicious prompts that alter the agent’s behavior.

New Ghost Calls tactic abuses Zoom and Microsoft Teams for C2 operations

A new post-exploitation C2 evasion technique, dubbed Ghost Calls, has emerged, leveraging TURN servers used by popular conferencing platforms like Zoom and Microsoft Teams to tunnel malicious traffic through trusted infrastructure.

Pro-Iran Hackers Aligned Cyber with Kinetic War Aims

A recent surge in cyber operations by pro-Iran hacking groups has been observed in alignment with a 12-day kinetic conflict against Israel. They targeted critical infrastructure, public entities, and individuals through a variety of techniques.

Crypto ATMs fueling criminal activity, Treasury warns

Crypto ATMs have seen a dramatic rise in deployment across the United States. According to data cited by FinCEN from Coin ATM Radar, the number of reported Bitcoin ATMs in the U.S. increased from 4,250 in early 2020 to 30,647 as of August 4, 2025.
