
Daily Cybersecurity Roundup, April 03, 2025

Not every dev email is what it seems. North Korean hackers are spoofing messages from a developer platform to deliver BeaverTail malware, along with a downloader, in a campaign that blends social engineering with targeted delivery. Browser extensions are doing more than customizing your tabs. The RolandSkimmer campaign is hitting Windows users in Bulgaria, stealing credit card data right from the browser. A new phishing campaign is weaving together Cloudflare services and Telegram to stay hidden in plain sight. Likely run by a Russian-speaking group, the operation uses layered evasion tactics. Read on for more.

01

North Korean threat actors spoofed a recruitment email from the developer community Dev[.]to to distribute BeaverTail malware and a downloader called car.dll.

02

The RolandSkimmer campaign is a sophisticated credit card skimming attack that targets Windows users, primarily in Bulgaria, through malicious browser extensions on Chrome, Edge, and Firefox.

03

A sophisticated web skimmer campaign has been identified, which uses a legacy Stripe API to validate stolen payment information before it's exfiltrated.

04

Socket spotted a malicious Python package named "disgrasya" on PyPI. This package contains an automated carding script targeting WooCommerce stores using CyberSource as their payment gateway.

05

A vulnerability in Verizon's Call Filter feature allowed unauthorized access to the incoming call logs of other Verizon Wireless users through an unsecured API request.

06

A new sophisticated phishing campaign orchestrated by a Russian-speaking threat actor abuses Cloudflare services and Telegram for malicious purposes, employing advanced tactics to evade detection.

07

Sonatype identified 17,954 open source malware packages in Q1 2025, with 56% of the malware being related to data exfiltration.

08

The Bruno project has issued a security advisory, revealing two critical vulnerabilities—CVE-2025-30354 and CVE-2025-30210—in its API client.

09

Cybercriminals are exploiting Spotify and Apple Music to steal personal and financial information from users by sending spoofed emails claiming payment failures and prompting users to update their accounts.

10

AI-powered data security firm Cyberhaven raised $100 million in a Series D funding round led by StepStone Group, with participation from Schroders and Industry Ventures.
