A recent investigation has uncovered a sophisticated malware campaign using the SilentCryptominer, a crypto currency mining malware, which is distributed through blackmailing YouTubers. Attackers are coercing YouTubers into promoting malicious phishing like under the guise of legitimate software, leading to widespread, unsuspecting installations among viewers. Modus Operandi It begins by cybercriminals filing false complaints against … Continued
Sidewinder, a notorious APT, (Advanced Persistent Threat) group, has recently upgraded its arsenal and widened its attack scope, with a recent focus on the nuclear reactor and maritime logistics companies. This threat actor is highly active in Southeast Asia, whose primary targets are military and government agencies of Pakistan, China, Sri Lanka, and Nepal. Now … Continued
Threat actors are exploiting AI-generated deepfake videos of Youtube CEO Neal Mohan to deceive content creators into leak their credentials. These fraudulent videos, shared privately, falsely announces changes to YouTube’s monetization policies. Creators who interact with these videos are director to phishing sites designed to steal their credentials. … Continued
The U.S. Secret Service has seized the domain of Garantex, a Russian cryptocurrency exchange known for working with ransomware gangs. This operation, coordinated with international law enforcement agencies like Europol, Duct police, and Germany’s BKA, is part of a broader effort to target illicit crypto activities linked to cybercrime. Background Garantex has been facilitating ransomware … Continued
The DOJ has unsealed multiple indictments against 12 Chinese nationals, including two officers of the Ministry of Public Security (MPS) and the employees of Chinese cybersecurity firm i-Soon. This investigation was carried out by the FBI, NSCS, State Department, and Treasury Department. Why it Matters This Indictment highlights the role of private contractors and freelance … Continued
Rubrik, a popular data protection and cybersecurity firm, recently found an unusual activity on the server containing log files. In response to this activity, the company proactively rotated its authentication keys to avoid potential security incidents. What Happened? In February 2025, Rubrik’s security team detected suspicious behavior on the log server. As a safety measure, … Continued
The Researchers have identified a major vulnerability in China’s Great Firewall (GFW), dubbed as Wallbleed. This flaw allowed censorship middleboxes to expose more than 125 bytes of their memory when processing crafted DNS queries. This could potentially leak sensitive information. The Big Picture This vulnerability allowed researchers to take an unprecedented look into the internal … Continued
A recent report reveals that Iranian-aligned hackers, identified as UNK_CraftyCamel, are leveraging polyglot files to breach UAE-based organisations as part of an ongoing cyber-espionage campaign. In October 2024, the adversary compromised the email account of an Indian electronics company “ INDIC Electronics” to send malicious messages. The malicious email contains a URL “https://indicelectronics[.]net/or/1/OrderList.zip” which downloaded … Continued
📌 A Strategic Shift in U.S. Cyber PolicyIn a bold move, the U.S. Department of Defense has halted all offensive cyber operations targeting Russia. This aligns with President Trump’s diplomatic initiative to reset relations with Moscow and seek solutions to the ongoing Ukraine conflict. 📌 Political Fallout & National Security ConcernsThe decision has triggered strong … Continued
Fresh off their audacious $1.5B crypto heist from Bybit, Lazarus group caught setting its sights on a new target: IOHK, the blockchain engineering company based in hong kong. Since 2017, the Lazarus Group has siphoned more than $6 billion dollar worth of crypto from exchanges and companies. The Lazarus Group: Kim’s Cyber Army Lazarus is … Continued
