FamousSparrow Strikes Again

The Chinese cyber threat group FamousSparrow has been associated with a cyber attack that targeted a trade group in the United States and a research institute in Mexico, with the goal of deploying its primary backdoors, SparrowDoor and ShadowPad. Background: FamousSparrow is a cyberespionage group with strong ties to China, active since 2019. This group … Continued

StreamElements Got Breached

Yesterday, we at Cybersecurity88 reported that StreamElements’ data was being sold on an underground forum, although we couldn’t verify the authenticity of the claim. Today, StreamElements has officially confirmed the data breach. 🚨 Data Breach Alert: A threat actor named “whorless” claims to have stolen personal info from StreamElements, including Name, Address, Phone, and Email. … Continued

Raspberry Robin Evolves into a Major Threat Actor

New research reveals that Raspberry Robin, once a minor player in the cybercrime world, has rapidly developed into a threat actor and plays a constant role in cyberattacks by the Russian government and the groups it backs. Background: Originally, Raspberry Robin operated by delivering its worm payloads through infected USB drives. Between 2019 and 2023, it predominantly targeted … Continued

Vulnerability in VMware Tools

Broadcom has released critical security patches to address a high-severity authentication bypass flaw in VMware Tools for Windows, tracked as CVE-2025-22230. This vulnerability stems from improper access control. VMware Tools is a set of utilities designed to enhance performance and integration for guest OSes in VMware virtual machines. It was reported by Sergey Bliznyuk … Continued

Chinese Hackers: 4-Year Stay at Telecom Giant, No Check-Out!

A new cybersecurity report reveals a prolonged cyber espionage campaign by a China-nexus threat actor, dubbed “Weaver Ant,” that maintained persistent access to a major telecommunications provider for over four years. This operation highlights the sophistication of state-sponsored cyber espionage: targeting critical telecommunications infrastructure; demonstrating advanced persistent threat (APT) capabilities; exploiting multiple technical vulnerabilities across … Continued

Security Flaws in Ingress NGINX Controller

A set of five vulnerabilities, collectively called “IngressNightmare”, has been discovered in the Ingress NGINX Controller for Kubernetes, posing an immediate threat to over 6,500 Kubernetes clusters. These vulnerabilities could lead to RCE (Remote Code Execution). The vulnerabilities are tracked as CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974. Vulnerabilities at a Glance: The Ingress NGINX Controller relies on … Continued

VanHelsingRaaS: A Growing Threat in the Ransomware-as-a-Service Area

VanHelsingRaaS, a new ransomware-as-a-service (RaaS) affiliate program, was launched on March 7, 2025, and has quickly gained traction in the cybercrime community. With its rapidly evolving malware infrastructure, the RaaS is already causing significant damage. The Big Picture: Affiliates can join VanHelsingRaaS with a deposit of $5,000, while experienced affiliates may join for free. Once … Continued

Malicious Google Ads Impersonating Semrush

There has been a rise in the use of sponsored ads on platforms like Google and Instagram for malicious purposes, such as phishing or spreading malware. Now, this scheme has extended to target users of Semrush, a widely used SEO and market research platform. With Semrush serving over 40% of Fortune 500 companies and 117,000 paying … Continued

Dragon RaaS: All Bark No Bite

Dragon RaaS is a Russian ransomware group that actively participates in hacktivism and cybercrime. It gained significant attention in July of last year when it became part of a larger cybercrime syndicate known as “The Five Families,” which includes ThreatSec, GhostSec, Blackforums, and SiegedSec. The group officially launched its operations in October 2024, announcing its … Continued

Paragon Solutions: A New Spyware Under Scrutiny

After the infamous NSO Group’s fiasco, another Israeli spyware provider has come under public scrutiny for supplying spyware to major Western governments. Researchers have now mapped out the global infrastructure of this new spyware in a report published on Wednesday. Background: Founded in Israel in 2019 by former Prime Minister Ehud Barak and ex-Unit … Continued
