Tag: cybercrime
-
Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
US, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs. First seen on wired.com Jump to article: www.wired.com/story/lumma-stealer-takedown-disrupted/
-
PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram
A newly identified .NET-based information-stealing malware, dubbed PupkinStealer (also known as PumpkinStealer in some reports), has surfaced as a significant cyber threat, targeting sensitive data such as web browser passwords and application session tokens. First observed in the wild around April 2025, this malware is believed to have roots in Russian-speaking cybercrime communities, with indicators…
-
Cybercriminals Mimic Kling AI to Distribute Infostealer Malware
A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyber-criminals-mimic-kling-ai/
-
The cyber-attack is costly and embarrassing. But M&S should pull through
If £300m can be whittled down to £150m, it’s a big hit but still a long way from upsetting M&S’s broader revival. Shouldn’t a robust IT system be able to withstand the odd “human error”, such as somebody at a third-party supplier being hoodwinked by devious cybercriminals? Isn’t £300m at the expensive end for these…
-
‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential refuge addresses
A data extortion incident impacting the British government’s Legal Aid Agency could have serious implications for vulnerable people. First seen on therecord.media Jump to article: therecord.media/concern-domestic-survivors-breach-london
-
UK police looking at ‘range’ of potential perpetrators behind retail cyberattacks
The head of the cybercrime unit at the National Crime Agency says the investigation into cyberattacks on British retail companies is not focused on a specific group, for now. First seen on therecord.media Jump to article: therecord.media/uk-retail-cyberattacks-nca-investigation
-
Scattered Spider is focus of NCA inquiry into cyber-attacks against UK retailers
Detectives say English-speaking hacker community a key suspect after M&S, Co-op and Harrods targeted. A hacker community known as Scattered Spider is a key suspect in a criminal inquiry into cyber-attacks against UK retailers including Marks & Spencer, detectives have said. Scattered Spider, a loose collective of native English-speaking cybercriminals, has been strongly…
-
India Launches e-Zero FIR System to Fast-Track Financial Cybercrime Cases
Indian Ministry of Home Affairs (MHA) has introduced the e-Zero FIR system, a digital-forward solution to ensure justice for victims of financial cybercrimes. Announced by India’s Union Home Minister and Minister of Cooperation Amit Shah on May 19, 2025, this initiative is part of the government’s Cyber Secure Bharat initiative. First seen on thecyberexpress.com Jump…
-
Coinbase says recent data breach impacts 69,461 customers
Coinbase, a cryptocurrency exchange with over 100 million customers, revealed that a recent data breach in which cybercriminals stole customer and corporate data affected 69,461 individuals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-says-recent-data-breach-impacts-69-461-customers/
-
Cybercriminals Could Leverage Google Cloud Platform for Malicious Activities
Research by Tenable and Cisco Talos has shed light on a critical vulnerability in Google Cloud Platform’s (GCP) Cloud Functions and Cloud Build services, revealing a potential attack vector for cybercriminals. According to Tenable, the default Cloud Build Service Account (SA) previously granted excessive permissions during the deployment of Cloud Functions, a serverless compute…
-
M&S Reportedly Hacked Using Third-Party Credentials
Scattered Spider Stole Tata Consulting Services Employee Login Details for Hack. British retailer Marks & Spencer was reportedly compromised by cybercrime group Scattered Spider using stolen employee credentials from a third-party IT company. Citing an unidentified source, Reuters reported hackers used the M&S login credentials of two Tata Consulting Services employees. First seen on govinfosecurity.com…
-
Account Takeover Scams Are Bypassing Fraud Defenses
FIs Must Invest in AI-Fueled Behavioral Biometrics to Go Beyond Static Credentials. Scammers are increasingly turning to account takeover fraud, as financial institutions ramp up their defenses. Instead of luring victims into making authorized transactions, cybercriminals are bypassing them altogether, hijacking their digital identities and draining accounts from within. First seen on govinfosecurity.com Jump to…
-
VanHelsing ransomware builder leaked on hacking forum
The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP cybercrime forum. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vanhelsing-ransomware-builder-leaked-on-hacking-forum/
-
‘Hazy Hawk’ Cybercrime Gang Swoops In for Cloud Resources
Since December 2023, the threat group has preyed on domains belonging to the US Centers for Disease Control and Prevention (CDC) and numerous other reputable organizations worldwide to redirect users to malicious sites. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/hazy-hawk-cybercrime-gang-cloud-resources
-
Hackers Abuse TikTok and Instagram APIs to Verify Stolen Account Credentials
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security researchers at Socket have identified three such packages (checker-SaGaF, steinlurks, and sinnercore) that automate the process of validating emails and usernames against social media platforms. Released between April 2023 and…
-
Hackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted Attacks
Russian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) model, Pure malware allows cybercriminals to purchase and deploy it with ease. While the campaign began in March 2023, the first third of 2025 witnessed a staggering fourfold increase in…
-
UK government confirms massive data breach following hack of Legal Aid Agency
A large cache of sensitive data about people who applied for legal aid in the U.K. is potentially in the possession of cybercriminals, the government said. First seen on therecord.media Jump to article: therecord.media/uk-legal-aid-agency-data-breach
-
Millions at risk after attackers steal UK legal aid data dating back 15 years
Cybercriminals lifted info including addresses, ID numbers, and financial records from agency systems. First seen on theregister.com Jump to article: www.theregister.com/2025/05/19/legal_aid_agency_data_theft/
-
Health Care Data Breach Costs BreachForums Admin $700,000 Fine
Conor Brian Fitzpatrick, the 22-year-old former administrator of cybercrime forum BreachForums, will forfeit approximately $700,000 to settle a civil lawsuit stemming from a healthcare data breach. The settlement marks a rare instance where a cybercriminal’s assets will directly compensate victims of a data breach. Fitzpatrick, known online as “Pompompurin,”…
-
Coinbase flips $20M extortion demand into bounty for info on attackers
The largest cryptocurrency exchange in the U.S. said cybercriminals bribed insiders to steal data on customers, some of whom were duped into handing over crypto assets. First seen on cyberscoop.com Jump to article: cyberscoop.com/coinbase-cyberattack-extortion-counter-reward/
-
Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as “Aels,”…
-
Researchers Replicate Advanced Tactics and Tools of VanHelsing Ransomware
Cybersecurity researchers at AttackIQ have meticulously emulated the intricate tactics, techniques, and procedures (TTPs) of the VanHelsing ransomware, a potent ransomware-as-a-service (RaaS) operation that surfaced in March 2025. This cyber threat has rapidly gained notoriety within the cybercriminal underworld for its advanced cross-platform capabilities and aggressive double extortion model. VanHelsing targets a wide array of…
-
FBI: US officials targeted in voice deepfake attacks since April
The FBI warned that cybercriminals are using AI-generated audio deepfakes to target U.S. officials in voice phishing attacks that started in April. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-us-officials-targeted-in-voice-deepfake-attacks-since-april/
-
Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/coinbase-offers-20m-bounty/
-
Xanthorox Emerging BlackHat AI Tool Empowering Hackers in Phishing and Malware Campaigns
An artificial intelligence platform named Xanthorox has emerged as a potent new tool for cybercriminals, enabling the automated generation of phishing campaigns, malware, and hyperrealistic deepfakes. Unlike traditional dark-web tools restricted to hidden forums, Xanthorox’s developer openly advertises its capabilities on public platforms like GitHub, YouTube, and Telegram while accepting cryptocurrency payments for access. Cybersecurity experts…
-
Coinbase data breach exposes customer info and government IDs
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-discloses-breach-faces-up-to-400-million-in-losses/
-
Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures
The benefits of cybercrime aren’t all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses. First seen on cyberscoop.com Jump to article: cyberscoop.com/what-cybercriminals-do-with-their-money-sophos/
-
5 BCDR Essentials for Effective Ransomware Defense
Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and launch ransomware attacks. In a chilling example, Microsoft recently disclosed how threat actors misused its Quick Assist remote assistance tool to deploy the destructive First…

