Daily Cybersecurity Roundup, February 13, 2025

Along with stealing data, cybercriminals are also seizing control. A new Android malware called BTMOB RAT is spreading through phishing sites, masquerading as streaming services and crypto platforms. Espionage campaigns continue to evolve, with REF7707 launching a targeted attack on a South American foreign ministry. The group used spear-phishing emails to deploy malware. Kimsuky is stepping up its deception game, borrowing tactics from ClickFix campaigns to spread info-stealers. Read on for more.

01

A new Android malware called BTMOB RAT has been discovered, targeting users through phishing sites. This malware is an upgraded version of SpySolr RAT.

02

A new REF7707 campaign targeted the foreign ministry of a South American country to deploy the FINALDRAFT and PATHLOADER malware.

03

Seashell Blizzard, a subgroup of the Russian Sandworm group, has been targeting critical organizations and governments globally in a multi-year campaign called BadPilot.

04

Chinese state-sponsored group RedMike exploited vulnerabilities in over 1,000 Cisco devices to compromise telecommunications providers globally, including in the U.S. and South Africa.

05

Threat actors exploited a smart contract vulnerability in zkLend and pilfered 3,600 Ethereum, worth $9.5 million at the time.

06

A MageCart attack was identified on a Magento-based eCommerce site, where malicious JavaScript was embedded within an HTML tag.

07

North Korean state actor Kimsuky has begun using a new tactic influenced by ClickFix campaigns, which distribute info-stealers through misleading error messages.

08

GreyNoise observed 572 unique IPs exploiting a vulnerability (CVE-2022-47945) in ThinkPHP Framework. Hackers are also abusing another flaw (CVE-2023-49103) in ownCloud.

09

A new report by Comparitech noted that almost 59,000 Americans fell prey to romance scams in 2024, resulting in a loss of $697.3 million.

10

Google has launched Chrome version 133.0.6943.98/.99 for Windows and Mac, and 133.0.6943.98 for Linux, addressing four serious security vulnerabilities.
