North Korea’s Lazarus Group Leverages ‘ClickFix’ in Latest Cyberattack Campaign

North Korea’s infamous Lazarus Group, known for cybercriminal activity aimed at funding the regime through cryptocurrency theft, is adopting a new “ClickFix” attack method. This latest campaign, dubbed “ClickFake Interview”, targets job seekers. The move signals a shift in the Lazarus Group’s strategy, targeting less tech-savvy victims in the cryptocurrency sector. … Continued

New Malware “CoffeeLoader” Emerges with Advanced Evasion Tactics

Zscaler ThreatLabz has identified CoffeeLoader, a sophisticated malware loader that emerged in September 2024. Designed to deploy second-stage payloads while evading detection by endpoint security products, CoffeeLoader utilizes advanced evasion techniques, including GPU-based code execution, call stack spoofing, and Windows fiber manipulation. CoffeeLoader’s Architecture: Packer (Armoury). GPU-Based Protection: uses the GPU for executing decryption routines, … Continued

Hellcat Hacking Leaders Exposed by Their OpSec Fails

The Hellcat hacking group gained the limelight in 2024 after a series of high-profile cyberattacks on major corporations like Schneider Electric, Telefónica, and Orange Romania. New research by KelaCyber has revealed the true identities of the group’s key members, Rey and Pyrx. Here’s a breakdown of their findings. Key Details: From an obscure group … Continued

PJobRAT Returns, Targets Chat Apps Once Again

A sophisticated Android remote access trojan (RAT) known as PJobRAT has resurfaced, targeting Taiwanese users through deceptive messaging applications. Background: Initially discovered in 2019, PJobRAT targeted active-duty military personnel in India by impersonating dating and instant messaging apps. After being inactive for several years, it has resurfaced in Taiwan. The most recent campaign in Taiwan … Continued

FamousSparrow Strikes Again

The Chinese cyber threat group FamousSparrow has been associated with a cyberattack that targeted a trade group in the United States and a research institute in Mexico, with the goal of deploying its primary backdoors, SparrowDoor and ShadowPad. Background: FamousSparrow is a cyberespionage group with strong ties to China, active since 2019. This group … Continued

StreamElements Got Breached

Yesterday, we at Cybersecurity88 reported that StreamElements’ data was being sold on an underground forum, although we couldn’t verify the authenticity of the claim. Today, StreamElements has officially confirmed the data breach. 🚨 Data Breach Alert A threat actor named “whorless” claims to have stolen personal info from StreamElements, including Name, Address, Phone, and Email. … Continued

Raspberry Robin Evolves into a Major Threat Actor

New research reveals that Raspberry Robin, once a minor player in the cybercrime world, has rapidly developed into a major threat actor and plays a constant role in cyberattacks by the Russian government and the groups it backs. Background: Originally, Raspberry Robin operated by delivering its worm payloads through infected USB drives. Between 2019 and 2023, it predominantly targeted … Continued

Vulnerability in VMware Tools

Broadcom has released critical security patches to address a high-severity authentication bypass flaw in VMware Tools for Windows, tracked as CVE-2025-22230. This vulnerability stems from improper access control. VMware Tools is a set of utilities designed to enhance performance and integration for guest OSes in VMware virtual machines. The flaw was reported by Sergey Bliznyuk … Continued

Chinese Hackers: 4-Year Stay at Telecom Giant, No Check-Out!

A new cybersecurity report reveals a prolonged cyber espionage campaign by a China-nexus threat actor, dubbed “Weaver Ant,” that maintained persistent access to a major telecommunications provider for over four years. This operation highlights the sophistication of state-sponsored cyber espionage: targeting critical telecommunications infrastructure, demonstrating advanced persistent threat (APT) capabilities, and exploiting multiple technical vulnerabilities across … Continued

Security Flaws in Ingress NGINX Controller

A set of five vulnerabilities, collectively called “IngressNightmare”, has been discovered in the Ingress NGINX Controller for Kubernetes, posing an immediate threat to over 6,500 Kubernetes clusters. These vulnerabilities could lead to RCE (Remote Code Execution). The vulnerabilities are tracked as CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974. Vulnerabilities at a Glance: The Ingress NGINX Controller relies on … Continued