Daily Cybersecurity Roundup, March 26, 2025

Credential stuffing attacks are getting a boost from an underground tool called Atlantis AIO Multi-Checker. Designed for scale, this e-crime utility automates the process of testing stolen credentials across multiple platforms. Researchers have uncovered a new RaaS operation called Playboy Locker, which is targeting Windows, NAS, and ESXi environments. Phishing campaigns against the Steam gaming community continue to evolve, with attackers now using browser-in-the-browser techniques to mimic login windows. Read on for more.

01

Threat actors are using an e-crime tool called Atlantis AIO Multi-Checker to carry out large-scale credential stuffing attacks. The tool can also conduct brute-force attacks and automate account recovery processes.

02

Cybereason investigated a new RaaS, Playboy Locker, that targets Windows, NAS, and ESXi systems, using a combination of encryption algorithms and various tactics such as shadow copy deletion and LDAP scanning.

03

The ReaderUpdate macOS malware loader has evolved, with threat actors creating new versions using Crystal, Nim, Rust, and Go programming languages, in addition to the original Python binary.

04

The cryptocurrency platform Abracadabra Finance lost about $13 million worth of digital currency to hackers, with 6,260 Ethereum coins stolen in the attack.

05

Google has fixed a high-severity Chrome zero-day vulnerability that was exploited in a cyber-espionage campaign called Operation ForumTroll.

06

A new phishing campaign using complex browser-in-the-browser attacks has been targeting Steam and Counter-Strike 2 players while abusing the brand of the pro eSports team Navi.

07

The Ukrainian IT Army claimed responsibility for a cyberattack on Russian internet provider Lovit, causing service disruptions in Moscow and St. Petersburg for three days and affecting apartment access, businesses, and critical infrastructure.

08

CrushFTP warned customers about an unauthenticated HTTP(S) port access vulnerability, urging them to patch their servers immediately, with both v10 and v11 versions confirmed to be impacted.

09

Broadcom has released security updates to address a high-severity authentication bypass vulnerability (CVE-2025-22230) in VMware Tools for Windows.

10

A threat actor known as EncryptHub has been exploiting a Microsoft Management Console vulnerability, allowing it to bypass security features and execute malicious code on unpatched devices.
