Cybercriminal activity continues to evolve as attackers combine social engineering with increasingly advanced malware capabilities. A recent campaign targeting users across the Middle East and Africa uses fake shipment notifications to lure victims to fraudulent delivery websites. At the same time, researchers have uncovered the DrillApp backdoor being deployed in targeted operations against Ukrainian organizations. Meanwhile, researchers have identified a new ransomware strain called Slopoly that leverages AI-assisted techniques to streamline reconnaissance and enhance the efficiency of ransomware attacks. Keep reading further.
01
A large-scale phishing campaign using fake shipment notifications is targeting users in the Middle East and Africa, tricking victims into submitting banking credentials through spoofed delivery portals.
02
Researchers discovered the DrillApp backdoor, a malware strain used in targeted attacks against Ukrainian organizations, enabling persistent access and remote command execution on compromised systems.
03
Threat actors abused the AppsFlyer Web SDK to distribute cryptocurrency-stealing JavaScript malware, infecting websites and silently harvesting digital wallet information from visitors.
04
Threat actor Storm-2561 is leveraging SEO poisoning to spread fake VPN installers designed to steal credentials and compromise victim systems.
05
Researchers identified Slopoly ransomware, which incorporates AI-assisted techniques to automate reconnaissance and improve attack efficiency during ransomware operations.
06
Security researchers uncovered a malicious campaign abusing KakaoTalk messaging, distributing malware-laden files to compromise systems and steal sensitive user information.
07
Multiple vulnerabilities in Google Looker Studio could allow attackers to manipulate reports, expose sensitive analytics data, or conduct unauthorized actions through crafted requests.
08
Analysts warned that OpenCLAW AI agents could leak sensitive information through indirect prompt injection attacks, where malicious prompts manipulate AI workflows to exfiltrate confidential data.
09
Investigations revealed ongoing intrusions targeting FortiGate edge devices, where attackers exploit misconfigurations and vulnerabilities to gain unauthorized access to enterprise networks.
10
Cybercriminals are distributing trojanized FileZilla installers through fake download sites, infecting victims with malware designed to steal credentials and compromise systems.