Skip to main content

Tag: nation state actors

81 articles

Rows of computer servers with flickering screens and dimmed lights suggest a breach or disruption in a technology company's…

RansomHouse Hackers Claim Breach of Trellix Source Code

Trellix has confirmed a breach of its source code repository, with hackers from the notorious RansomHouse group claiming to have accessed and encrypted sensitive data on April 17. The group has even posted leaked screenshots to back up its claims.

Analyst 207
Person in background looks concerned at a piece of paper near a computer workstation.

Phishing Campaign Exploits Signed RMM Software to Plant Persistent Backdoors

A long-running phishing campaign has compromised over 80 US organizations by using legitimately signed remote monitoring software to install silent, persistent backdoors, according to Securonix research. The attack begins with a clever email impersonating the US Social Security Administration, tricking victims into downloading malicious payloads.

Analyst 207
Laptop workstation in a brightly-lit hospital corridor with medical equipment and computers in the background.

Microsoft Exposes Large-Scale Phishing Campaign Targeting 35,000 Users Worldwide

A massive phishing campaign targeting over 35,000 users worldwide has been uncovered, using sophisticated email templates that convincingly masquerade as legitimate internal communications. The highly convincing lures successfully hit organizations across 26 countries, with a staggering 92% of targets based in the US.

Analyst 207
Concerned person checks laptop in small workspace, conveying vulnerability.

Vietnamese Hackers Exploit Google AppSheet in 30,000-Account Facebook Phishing Spree

A massive phishing operation, dubbed AccountDumpling, has compromised around 30,000 Facebook accounts using a clever tactic: sending malicious emails from a legitimate Google AppSheet address to bypass spam filters. This sophisticated scam was more than just a simple phishing kit - it was a constantly evolving operation with real-time control panels and a lucrative criminal enterprise.

Analyst 207
Formal courthouse interior with podium and judge's bench under tall windows.

Ransomware Negotiators Sentenced for BlackCat Attacks

Two former cybersecurity experts, who once worked to protect companies, were sentenced to four years in prison for using their skills to extort US businesses as affiliates of the notorious BlackCat ransomware gang. They exploited their specialized knowledge to orchestrate attacks on US companies, leaving a trail of devastation in their wake.

Analyst 207
Office worker sits at desk with laptop and papers, surrounded by ordinary office atmosphere.

Phishing campaigns increasingly harness AI to evade detection

Phishing campaigns are getting smarter by the minute, with a whopping 86% of recent attempts leveraging AI to sneak past detection. This marks a significant jump from just two years ago, when AI was used in 80% of phishing ops.

Analyst 207
New Extortion Crews Mimic Scattered Spider Tactics in Rapid Attacks

New Extortion Crews Mimic Scattered Spider Tactics in Rapid Attacks

New extortion crews, Cordial Spider and Snarky Spider, are rapidly carrying out data-theft-for-extortion campaigns, closely mimicking the tactics of notorious group Scattered Spider. These financially motivated groups, tied to The Com, have been targeting US-based organizations since October 2025.

Analyst 207
Cluttered home office setup with gaming console and laptop surrounded by papers and snack packaging.

Ukraine Arrests Hackers Behind 610,000 Roblox Account Breach

Ukrainian authorities have cracked down on a group of hackers responsible for breaching over 610,000 Roblox accounts in a months-long phishing scam that harvested credentials and tokens. The stolen access was used to snag in-game items and Robux, Roblox's virtual currency.

Analyst 207
Ukrainian police officers in a brightly lit office with computers and law enforcement equipment.

Ukrainian Police Disrupt Roblox Account Hacking Ring

Ukrainian police have cracked down on a massive Roblox account hacking ring, arresting three suspects who hijacked over 610,000 accounts and resold them for a staggering $225,000 profit. The bust in Lviv also yielded a haul of $35,000 in cash and dozens of digital devices.

Analyst 207
Laptop on a desk with a login screen, behind it a blurred enterprise software dashboard on a large screen.

OAuth Breach Risks Expose AI-Driven Enterprise Vulnerability

A single misstep with a trial AI tool led to a major breach: a Vercel employee's casual OAuth grant to Context.ai created a lasting vulnerability that attackers exploited when Context.ai was compromised. This incident highlights the alarming ease with which AI-driven tools can become enterprise security weak spots.

Analyst 207
Brightly-lit office lobby with a hint of unease, generic multinational company setting.

Scattered Spider Targets Global Firms with Identity-Driven Attacks

Scattered Spider is on the prowl, launching identity-driven attacks on major global firms across various industries, from retail and hospitality to telecom, insurance, and airlines. Get insider expert advice from Dr. Torsten George on how to outsmart this sophisticated cybercrime collective.

Analyst 207
Medical equipment sits in a quiet clinical room with soft daylight, hinting at a potential disruption.

Medtronic Discloses Cyber Breach by ShinyHunters Gang

Medtronic recently reported a cyber breach by the ShinyHunters gang to federal authorities and the SEC, revealing that hackers had infiltrated its corporate IT system. Fortunately, the company has found no evidence that patient safety or electronic connections to customers were compromised.

Analyst 207
Person sitting at laptop with neutral expression, hint of Zoom call on screen.

Scammers Exploit Trust in Remote Job Interviews

Boris Vujičić thought he had landed a legit remote job interview, but the scammers behind it expertly gained his trust, convincing him to let his guard down long enough to hack into his laptop. A fake LinkedIn recruiter, a professional website, and a convincing Zoom call with a person named Zam Villalon were all part of their clever scheme.

Analyst 207
Cluttered server room with laptops, smartphones, and tangled cables, hint of a global map in the background.

Researchers Expose ProxySmart Software Behind Global SIM Farms

Meet ProxySmart, a sneaky software powering "SIM Farm as a Service" operations worldwide, with a massive footprint of 94 phone farms across 17 countries and 19 US states. Its creators, a Belarus-based vendor, have made it easy for operators to run mobile proxy infrastructure at commercial scale.

Analyst 207
Hooded figure surrounded by screens with code, cityscape, and devices on a table.

Former Ransomware Negotiator Pleads Guilty to BlackCat Attacks

A former expert who was paid to negotiate with cybercriminals has taken a shocking turn, pleading guilty to participating in high-profile BlackCat ransomware attacks on US companies. Angelo Martino, a 41-year-old ex-incident responder, admitted to his role in the 2023 attacks.

Analyst 207
Hooded figure sits in dimly lit room surrounded by shattered screens and tangled wires.

Scattered Spider Operative Pleads Guilty to US Federal Charges

In a major breakthrough, Tyler Robert Buchanan, a senior figure in the notorious Scattered Spider cybercrime group, has pleaded guilty to federal charges, bringing an end to his digital crime spree. Buchanan admitted to conspiracy to commit wire fraud and aggravated identity theft in a US federal district court.

Analyst 207
Person in hoodie sits before laptop with cityscape, fishing rod hooks crypto symbol amidst scattered papers.

Operation Atlantic Disrupts $45 Million Crypto Phishing Fraud

In a shocking turn of events, Operation Atlantic successfully disrupted a massive $45 million crypto phishing fraud, putting a stop to a large-scale scam that had been wreaking havoc on unsuspecting victims. This stunning breakthrough highlights the ongoing battle to protect the crypto ecosystem from malicious threats.

Analyst 207
A lone hooded figure hunched over a laptop surrounded by code and network diagrams with a blurred cityscape at dusk in the…

AI Models Accelerate Vulnerability Discovery, Pressing Defenders to Adapt

The double-edged sword of AI: while it's being used to help developers, it's also become a powerful tool for attackers to rapidly discover and exploit software flaws, forcing defenders to scramble to keep up. As AI-powered vulnerability discovery accelerates, the pressure is on for defenders to adapt and harden legacy systems before it's too late.

Analyst 207
Lone security guard stands before cracked digital wall with cityscape in ruins behind.

AI-Driven Vulnerability Risks Expose Security Teams to Reality Check

The AI-driven vulnerability landscape just got a harsh reality check: with AI-powered tools like Anthropic's Claude Mythos speeding up vulnerability discovery, security teams are facing a daunting new challenge - keeping up with the rapid pace of exploit development. The real question is, are defenders ready to respond?

Analyst 207
Cracked smartphone on a dark surface surrounded by tangled wires, with a blurred cityscape at dusk in the background.

Mirax RAT Exploits Meta Apps to Infiltrate Android Devices

Beware of fake ads on Meta apps - a sneaky new malware called Mirax RAT is using them to secretly take control of Android devices, with a focus on Spanish-speaking nations. This remote access Trojan is part of a growing Malware-as-a-Service economy that's putting unsuspecting users at risk.

Analyst 207
Shattered padlock and broken chain in front of cityscape with ominous laptop screen displaying game controller reflection.

Rockstar Games Data Breached as ShinyHunters Exploits Third-Party Vulnerability

Rockstar Games has been hit by a data breach, with a notorious hacking group called ShinyHunters claiming it accessed sensitive information through a vulnerability in a third-party tool, rather than a complex hack. The group says it simply walked through an open door, exploiting access to Snowflake metrics to get to the data.

Analyst 207
Ominous cityscape with giant cracked smartphone screen looming over skyscrapers, a concerned figure stands in foreground.

EngageLab SDK Flaw Compromises 50M Android Users

A security flaw in the EngageLab SDK has put a whopping 50 million Android users at risk, allowing apps on the same device to bypass Android's security sandbox and gain unauthorized access to sensitive information. This vulnerability, now patched, exposed cryptocurrency wallet users and others to potential data breaches.

Analyst 207
Person studies laptop in dark room with shattered glass and scattered coins, surrounded by cityscape.

Bithumb Unveils Post-Hack Recovery Strategy

In the wake of a crypto crisis, can the digital-asset ecosystem bounce back without shaking user trust? Bithumb's newly unveiled recovery strategy is a step in the right direction, but will it be enough to restore confidence after a string of high-profile hacks and mishaps?

Analyst 207
Person in a hoodie surrounded by screens with helpdesk software, face obscured, in a dark room with cityscape visible…

Phishing Gang Targets Dozens of Corporations in Helpdesk Scam Spree

Beware of the person on the other end of the line - a new phishing gang is impersonating IT helpdesks to scam dozens of major corporations, leaving investigators racing to keep up. Google is sounding the alarm on this latest extortion tactic, which uses clever social engineering to catch victims off guard.

Analyst 207