Tag: nation state actors
81 articles

RansomHouse Hackers Claim Breach of Trellix Source Code
Trellix has confirmed a breach of its source code repository, with hackers from the notorious RansomHouse group claiming to have accessed and encrypted sensitive data on April 17. The group has even posted leaked screenshots to back up its claims.

Phishing Campaign Exploits Signed RMM Software to Plant Persistent Backdoors
A long-running phishing campaign has compromised over 80 US organizations by using legitimately signed remote monitoring software to install silent, persistent backdoors, according to Securonix research. The attack begins with a clever email impersonating the US Social Security Administration, tricking victims into downloading malicious payloads.

Microsoft Exposes Large-Scale Phishing Campaign Targeting 35,000 Users Worldwide
A massive phishing campaign targeting over 35,000 users worldwide has been uncovered, using sophisticated email templates that convincingly masquerade as legitimate internal communications. The highly convincing lures successfully hit organizations across 26 countries, with a staggering 92% of targets based in the US.

Vietnamese Hackers Exploit Google AppSheet in 30,000-Account Facebook Phishing Spree
A massive phishing operation, dubbed AccountDumpling, has compromised around 30,000 Facebook accounts using a clever tactic: sending malicious emails from a legitimate Google AppSheet address to bypass spam filters. This sophisticated scam was more than just a simple phishing kit - it was a constantly evolving operation with real-time control panels and a lucrative criminal enterprise.

Ransomware Negotiators Sentenced for BlackCat Attacks
Two former cybersecurity experts, who once worked to protect companies, were sentenced to four years in prison for using their skills to extort US businesses as affiliates of the notorious BlackCat ransomware gang. They exploited their specialized knowledge to orchestrate attacks on US companies, leaving a trail of devastation in their wake.

Phishing campaigns increasingly harness AI to evade detection
Phishing campaigns are getting smarter by the minute, with a whopping 86% of recent attempts leveraging AI to sneak past detection. This marks a significant jump from just two years ago, when AI was used in 80% of phishing ops.

New Extortion Crews Mimic Scattered Spider Tactics in Rapid Attacks
New extortion crews, Cordial Spider and Snarky Spider, are rapidly carrying out data-theft-for-extortion campaigns, closely mimicking the tactics of notorious group Scattered Spider. These financially motivated groups, tied to The Com, have been targeting US-based organizations since October 2025.

Ukraine Arrests Hackers Behind 610,000 Roblox Account Breach
Ukrainian authorities have cracked down on a group of hackers responsible for breaching over 610,000 Roblox accounts in a months-long phishing scam that harvested credentials and tokens. The stolen access was used to snag in-game items and Robux, Roblox's virtual currency.

Ukrainian Police Disrupt Roblox Account Hacking Ring
Ukrainian police have cracked down on a massive Roblox account hacking ring, arresting three suspects who hijacked over 610,000 accounts and resold them for a staggering $225,000 profit. The bust in Lviv also yielded a haul of $35,000 in cash and dozens of digital devices.

OAuth Breach Risks Expose AI-Driven Enterprise Vulnerability
A single misstep with a trial AI tool led to a major breach: a Vercel employee's casual OAuth grant to Context.ai created a lasting vulnerability that attackers exploited when Context.ai was compromised. This incident highlights the alarming ease with which AI-driven tools can become enterprise security weak spots.

Scattered Spider Targets Global Firms with Identity-Driven Attacks
Scattered Spider is on the prowl, launching identity-driven attacks on major global firms across various industries, from retail and hospitality to telecom, insurance, and airlines. Get insider expert advice from Dr. Torsten George on how to outsmart this sophisticated cybercrime collective.

Medtronic Discloses Cyber Breach by ShinyHunters Gang
Medtronic recently reported a cyber breach by the ShinyHunters gang to federal authorities and the SEC, revealing that hackers had infiltrated its corporate IT system. Fortunately, the company has found no evidence that patient safety or electronic connections to customers were compromised.

Scammers Exploit Trust in Remote Job Interviews
Boris Vujičić thought he had landed a legit remote job interview, but the scammers behind it expertly gained his trust, convincing him to let his guard down long enough to hack into his laptop. A fake LinkedIn recruiter, a professional website, and a convincing Zoom call with a person named Zam Villalon were all part of their clever scheme.

Researchers Expose ProxySmart Software Behind Global SIM Farms
Meet ProxySmart, a sneaky software powering "SIM Farm as a Service" operations worldwide, with a massive footprint of 94 phone farms across 17 countries and 19 US states. Its creators, a Belarus-based vendor, have made it easy for operators to run mobile proxy infrastructure at commercial scale.

Former Ransomware Negotiator Pleads Guilty to BlackCat Attacks
A former expert who was paid to negotiate with cybercriminals has taken a shocking turn, pleading guilty to participating in high-profile BlackCat ransomware attacks on US companies. Angelo Martino, a 41-year-old ex-incident responder, admitted to his role in the 2023 attacks.

Scattered Spider Operative Pleads Guilty to US Federal Charges
In a major breakthrough, Tyler Robert Buchanan, a senior figure in the notorious Scattered Spider cybercrime group, has pleaded guilty to federal charges, bringing an end to his digital crime spree. Buchanan admitted to conspiracy to commit wire fraud and aggravated identity theft in a US federal district court.

Operation Atlantic Disrupts $45 Million Crypto Phishing Fraud
In a shocking turn of events, Operation Atlantic successfully disrupted a massive $45 million crypto phishing fraud, putting a stop to a large-scale scam that had been wreaking havoc on unsuspecting victims. This stunning breakthrough highlights the ongoing battle to protect the crypto ecosystem from malicious threats.

AI Models Accelerate Vulnerability Discovery, Pressing Defenders to Adapt
The double-edged sword of AI: while it's being used to help developers, it's also become a powerful tool for attackers to rapidly discover and exploit software flaws, forcing defenders to scramble to keep up. As AI-powered vulnerability discovery accelerates, the pressure is on for defenders to adapt and harden legacy systems before it's too late.

AI-Driven Vulnerability Risks Expose Security Teams to Reality Check
The AI-driven vulnerability landscape just got a harsh reality check: with AI-powered tools like Anthropic's Claude Mythos speeding up vulnerability discovery, security teams are facing a daunting new challenge - keeping up with the rapid pace of exploit development. The real question is, are defenders ready to respond?

Mirax RAT Exploits Meta Apps to Infiltrate Android Devices
Beware of fake ads on Meta apps - a sneaky new malware called Mirax RAT is using them to secretly take control of Android devices, with a focus on Spanish-speaking nations. This remote access Trojan is part of a growing Malware-as-a-Service economy that's putting unsuspecting users at risk.

Rockstar Games Data Breached as ShinyHunters Exploits Third-Party Vulnerability
Rockstar Games has been hit by a data breach, with a notorious hacking group called ShinyHunters claiming it accessed sensitive information through a vulnerability in a third-party tool, rather than a complex hack. The group says it simply walked through an open door, exploiting access to Snowflake metrics to get to the data.

EngageLab SDK Flaw Compromises 50M Android Users
A security flaw in the EngageLab SDK has put a whopping 50 million Android users at risk, allowing apps on the same device to bypass Android's security sandbox and gain unauthorized access to sensitive information. This vulnerability, now patched, exposed cryptocurrency wallet users and others to potential data breaches.
Bithumb Unveils Post-Hack Recovery Strategy
In the wake of a crypto crisis, can the digital-asset ecosystem bounce back without shaking user trust? Bithumb's newly unveiled recovery strategy is a step in the right direction, but will it be enough to restore confidence after a string of high-profile hacks and mishaps?

Phishing Gang Targets Dozens of Corporations in Helpdesk Scam Spree
Beware of the person on the other end of the line - a new phishing gang is impersonating IT helpdesks to scam dozens of major corporations, leaving investigators racing to keep up. Google is sounding the alarm on this latest extortion tactic, which uses clever social engineering to catch victims off guard.