Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
Security Boulevard

Emulating the Mutative BlackByte Ransomware

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated ...
Dark Reading

VMware Aria Operations Bug Exploited, Cloud Resources at Risk

Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims' cloud ...

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...

Be aware of extortion scam emails claiming your data is stolen

Bitcoin extortion emails claiming hackers stole your information are hitting thousands of inboxes daily, and experts are warning users of the signs.

Claude didn't just plan an attack on Mexico's government. It executed one for a month — across four domains your security stack can't see.

A hacker jailbroke Claude to steal 150GB of Mexican government data in a month-long campaign. CrowdStrike's latest threat report shows it's part of a wider pattern — and maps four domains most ...
WeLiveSecurity

Protecting education: How MDR can tip the balance in favor of schools

The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response (MDR) help learning institutions regain the initiative?
Intelligent CIO

AI, cyber conflict and the new frontline: The growing risk to US critical infrastructure

A new CloudSEK report warns that the convergence of Artificial Intelligence tools, expanding Internet-exposed industrial systems and ideologically motivated cyber actors is reshaping the threat ...

Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering

Telegram posts promise up to $1,000 per call as gang refines IT helpdesk ruse Prolific cybercrime crew Scattered Lapsus$ ...

Scammers recruit women to exploit company executives

Telegram posts reveal cyber gangs paying high amounts to women for impersonation in IT support fraud operations ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

Cybercriminals hire women for authentic social engineering scams — promising up to $1,000 per call

Group aims to deceive IT staff into revealing corporate login credentials ...