
Daily Cybersecurity Roundup, March 23, 2026

Cybercriminal campaigns are increasingly combining automation, large-scale data theft, and sophisticated social engineering techniques to maximize impact. In one campaign, researchers uncovered an OpenCLAW AI bot operation hosted on GitHub that automates the creation of cryptocurrency phishing pages. Separately, Operation Alice revealed a massive dark web fraud ecosystem involving more than 370,000 compromised accounts being traded and exploited for financial fraud and identity theft. Adding to these threats, attackers are also distributing the PureLog Stealer through copyright infringement-themed phishing emails. Read on for the details.

01

Researchers identified an OpenCLAW AI bot crypto phishing campaign hosted on GitHub that uses AI automation to generate phishing pages and steal cryptocurrency wallet credentials.

02

Operation Alice exposed a large-scale dark web fraud operation involving over 370,000 compromised accounts and stolen credentials traded and used for financial fraud and identity theft.

03

Canister Worm, a malware strain, is spreading through misconfigured container environments and cloud infrastructure.

04

Cybercriminals are distributing malware through fake Zoom meeting invite scams, tricking Windows users into installing malicious payloads disguised as meeting software or updates.

05

Security researchers discovered that the TeamPCP GitHub organization compromise led to the distribution of malicious code through trusted repositories, highlighting the risks of open-source supply chain attacks.

06

Attackers are using copyright infringement-themed phishing lures to deliver the PureLog Stealer malware through multi-stage infection chains designed to steal credentials and browser data.

07

The VoidStealer malware has been observed bypassing Android security protections and anti-malware defenses to steal sensitive data from infected devices.

08

The Interlock ransomware group is targeting Cisco enterprise firewalls, exploiting network devices to gain access and deploy ransomware within enterprise environments.

09

A critical vulnerability (CVE-2026-22898) in QNAP QVR Pro could allow attackers to execute code remotely and compromise surveillance and storage systems.

10

CISA warned that Russian intelligence services are targeting commercial messaging application accounts to gain access to sensitive communications and intelligence.
