Gamers beware! A crafty campaign impersonating the Electronic Frontier Foundation is hitting Albion Online players, unleashing Stealc malware and Pyramid C2 infrastructure to snatch data and wreak havoc. Scammers have once again hijacked LinkedIn’s professional sheen, to deliver the ConnectWise RAT. China’s Silk Typhoon is rewriting the espionage playbook with a cloud-first twist. The group is now targeting remote management tools and cloud services to infiltrate downstream networks across industries. Here are the top 10 highlights from the past 24 hours.
01
A targeted cybercriminal campaign impersonated the Electronic Frontier Foundation to target Albion Online players and deploy Stealc malware and Pyramid C2 infrastructure.
02
A LinkedIn-spoofing malware campaign delivering ConnectWise RAT has been identified, which uses heavy LinkedIn branding and mimics older LinkedIn email templates to appear legitimate.
03
Socket has discovered a malicious PyPI package called set-utils that steals Ethereum private keys by exploiting common account creation functions.
04
The Chinese cyber-espionage group, Silk Typhoon, has changed its tactics to target remote management tools and cloud services, exploiting unpatched applications and stolen credentials to gain access to downstream customer networks across multiple industries.
05
The BadBox Android botnet has been disrupted by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices.
06
Nonprofit organizations have experienced a significant increase in cyberattacks, with email-based threats rising by 35.2% over the past year.
07
Google introduced two new AI-powered tools, Scam Detection for messages and calls, to protect Android users from conversational scams, with real-time warnings and a focus on user privacy.
08
YouTube has issued a warning about a phishing scam that uses an AI-generated video of its CEO to steal creators' credentials.
09
Cybersecurity startup SpecterOps raised $75 million in a Series B funding round led by Insight Partners, with participation from Ansa Capital, M12, and others.
10
Knostic, an access control provider for LLMs, raised $11 million in new funding from Bright Pixel Capital with participation from new and previous investors.
