Tag: cybercrime
-
France investigates Interior Ministry email breach and access to confidential files
France’s Interior Ministry said it is investigating the “reality and scope” of a post on a cybercrime forum by a user claiming to have hacked the institution. First seen on therecord.media Jump to article: therecord.media/france-interior-ministry-email-breach-investigation
-
Hackers Claim Stealing 94GB of Pornhub Premium User Watch Histories
Cybercriminal group ShinyHunters targets former Pornhub Premium users in a massive 94GB data extortion campaign. Learn about the stolen data details, the involvement of a smishing attack, and the conflicting reports on the breach. First seen on hackread.com Jump to article: hackread.com/hackers-pornhub-premium-user-watch-histories/
-
BlindEagle Targets Colombian Government Agency with Caminho and DCRAT
Tags: access, attack, authentication, cloud, communications, control, cybercrime, defense, detection, dkim, dmarc, dns, email, encryption, flaw, government, group, infrastructure, injection, Internet, malicious, malware, microsoft, open-source, phishing, powershell, rat, service, spear-phishing, startup, tactics, threat, tool, update, usa, windows
Introduction: In early September 2025, Zscaler ThreatLabz discovered a new spear phishing campaign attributed to BlindEagle, a threat actor who operates in South America and targets users in Spanish-speaking countries, such as Colombia. In this campaign, BlindEagle targeted a government agency under the control of the Ministry of Commerce, Industry and Tourism (MCIT) in Colombia using…
-
Afripol Focuses on Regional Cyber Challenges, Deepening Cooperation
Rapid digitization, uneven cybersecurity know-how, and growing cybercriminal syndicates in the region have challenged law enforcement and prosecutors. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/afripol-focuses-regional-cyber-challenges-deepening-cooperation
-
Cellik Android malware builds malicious versions from Google Play apps
A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cellik-android-malware-builds-malicious-versions-from-google-play-apps/
-
Medical Group Will Pay $1.2M to Settle Data Theft Lawsuit
Cybercrime Gang Rhysida Still Lists the Practice on Its Leak Site Among Its Victims. A Kansas medical group will pay $1.2 million to settle proposed class action litigation involving an attack that compromised the sensitive data of nearly 256,000 individuals. The Rhysida ransomware operation claimed responsibility and said it stole 3 terabytes. First seen on…
-
Nation-State and Cybercrime Exploits Tied to React2Shell
Tags: china, cve, cybercrime, ddos, exploit, hacker, iran, korea, malware, north-korea, service, update, vulnerability
2 More Vulnerabilities Need Patching in React Server Components, Warns Vercel. Mass exploitation of the React2Shell – CVE-2025-55182 – vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn. First seen on govinfosecurity.com Jump to…
-
A Browser Extension Risk Guide After the ShadyPanda Campaign
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale. A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or acquiring harmless extensions, letting them run clean for years to build trust and gain millions of installs, then…
-
JLR: payroll data stolen in cybercrime that shook UK economy
Automaker admits raid that crippled its factories in August led to the theft of sensitive payroll data First seen on theregister.com Jump to article: www.theregister.com/2025/12/15/jlr_payroll_data_stolen_in/
-
Attackers Worldwide are Zeroing In on React2Shell Vulnerability
Bad actors ranging from nation-state groups to financially motivated cybercriminals from across the globe are targeting the maximum-severity but easily exploitable React2Shell flaw, with threat researchers seeing everything from probes and backdoors to botnets and cryptominers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/attackers-worldwide-are-zeroing-in-on-react2shell-vulnerability/
-
Sophos cybercrime review of 2025 and outlook for 2026
The 2025 threat landscape shows how cyber risks are expanding on several levels. State and criminal actors adapt quickly, find new attack paths and pose challenges for defenders worldwide. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-cybercrime-rueckblick-auf-2025-und-ausblick-auf-2026/a43172/
-
2025 goes, 2026 comes: a look back and ahead at cybercrime
The past year has shown that cyberattacks have become more sophisticated, faster and more unpredictable. Both state actors and criminal groups are developing new tactics that put defense systems worldwide to the test. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/2025-geht-2026-cyberkriminalitaet
-
A look back and ahead at cybercrime
From AI-driven fraud to identity-centric attacks: why companies must now rely more than ever on robust security strategies. Cyberattacks are becoming more sophisticated, faster and more unpredictable: 2025 showed how strongly threat actors are evolving. And 2026 will step things up another notch when it comes to cyber threats. A look back and ahead at cybercrime from Sophos. Where we…
-
Microsoft Patch Tuesday 2025 Year in Review
Tags: apt, attack, backdoor, cve, cyber, cybercrime, dos, exploit, flaw, malware, microsoft, ransomware, rce, remote-code-execution, service, software, threat, update, vulnerability, zero-day
Microsoft addressed over 1,100 CVEs as part of Patch Tuesday releases in 2025, including 40 zero-day vulnerabilities. Key takeaways: Microsoft’s 2025 Patch Tuesday releases addressed 1,130 CVEs. This is the second year in a row where the CVE count was over 1,000. Elevation of Privilege vulnerabilities accounted for 38.3% of all Patch Tuesday vulnerabilities in…
-
Cybercriminals Use Fake Game Updates on Itch.io and Patreon to Push Lumma Stealer
The indie gaming community faces a new and sophisticated threat. Malicious actors are exploiting itch.io and Patreon to distribute the Lumma Stealer malware disguised as legitimate game updates, targeting unsuspecting gamers through a systematic spam campaign across the platform. Newly created itch.io accounts have been flooding comment sections of legitimate games with templated messages claiming…
-
CISA and FBI Warn of Pro-Russia Hacktivist Attacks on Critical Infrastructure Worldwide
Tags: advisory, attack, cisa, cyber, cybercrime, cybersecurity, infrastructure, international, russia, tactics, technology
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and international partners from the European Cybercrime Centre (EC3) have released a joint cybersecurity advisory detailing the escalating activities of pro-Russia hacktivist groups. This new advisory highlights a shift in tactics, with hacktivists targeting Operational Technology (OT) and Industrial…

