ANSH Infosec

Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job

A toolset associated with China-linked espionage intrusions was used in a recent ransomware attack, likely by a single individual rather than a state-directed group, Symantec notes in a fresh report. The toolset includes a legitimate Toshiba executable deployed on the victims’ […]

Authorities Arrested Hacker Behind 90 Major Data Breaches Worldwide

Cybersecurity firm Group-IB, alongside the Royal Thai Police and Singapore Police Force, announced the arrest of a prolific hacker linked to over 90 major data breaches across 25 countries, including 65 attacks in the Asia-Pacific region. The cybercriminal, operating under aliases ALTDOS, DESORDEN, GHOSTR, and 0mid16B, exfiltrated 13 terabytes of sensitive data between 2020 and 2025, targeting industries from healthcare […]

New Poco RAT Via Weaponized PDF Attacking Users to Capture Sensitive Data

A new variant of malware, dubbed “Poco RAT,” has emerged as a potent espionage tool in a campaign targeting Spanish-speaking users in Latin America. Security researchers at Positive Technologies Expert Security Center (PT ESC) have linked this malware to the notorious Dark Caracal group, known for its cyber-mercenary operations. The campaign employs weaponized PDF files as phishing […]

Police arrest suspects tied to AI-generated CSAM distribution ring

Law enforcement agencies from 19 countries have arrested 25 suspects linked to a criminal ring that was distributing child sexual abuse material (CSAM) generated using artificial intelligence (AI). Operation Cumberland, coordinated by Danish law enforcement and supported by Europol, resulted in the seizure of 173 electronic devices and the identification of 273 suspected members tied […]

Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks

Microsoft has disclosed five flaws in Paragon Partition Manager's BioNTdrv.sys driver, one of which ransomware gangs exploited as a zero-day to gain SYSTEM privileges on Windows. The vulnerable driver was abused in ‘Bring Your Own Vulnerable Driver’ (BYOVD) attacks, in which a threat actor who already has a foothold drops the legitimately signed kernel driver onto the targeted system and exploits it to elevate privileges. “An attacker with local access to a […]

Nearly 12,000 API keys and passwords found in AI training dataset

Close to 12,000 valid secrets, including API keys and passwords, have been found in the Common Crawl dataset used for training multiple artificial intelligence models. The Common Crawl non-profit organization maintains a massive open repository of petabytes of web data collected since 2008 that is free for anyone to use. Because of the large dataset, many […]

The New Ransomware Groups Shaking Up 2025

In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of active ransomware groups jumped […]

3.2 Million Users Exposed by Malicious Browser Extensions

At least 3.2 million users have been affected by malicious browser extensions masquerading as legitimate utilities, newly published research shows. A cluster of 16 extensions, ranging from screen capture tools to ad blockers and emoji keyboards, was identified as injecting malicious code into users’ browsers. According to GitLab Threat Intelligence, these extensions facilitate […]

CVE-2025-27154: Spotipy Vulnerability Exposes Spotify Auth Tokens

Spotipy, a popular Python library for interacting with the Spotify Web API, recently addressed a security vulnerability that could have exposed users’ authentication tokens. The vulnerability, identified as CVE-2025-27154 and assigned a CVSSv4 score of 8.4, stemmed from the way the library’s CacheHandler class created a cache file to store the Spotify auth token. The cache file, […]
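The weakness behind CVE-2025-27154 is a common one for any library that caches a bearer token on disk: the cache file is created with the process's default permissions, so other local users on the same machine can read the token and replay it. The example below is an added illustration, not Spotipy's code and not a reproduction of its fix; it shows the insecure default beside the hardened pattern (pass 0o600 at creation time so the file is never briefly world-readable, then enforce it with chmod in case the file already existed). The token values and file names are constructed.

```python
"""Token-cache file permissions: the insecure default beside the hardened form.

Added illustration, not Spotipy's code. Any local user who can read the
cache file can replay the bearer token it holds, so the file must be
readable by its owner only from the moment it is created.
"""
import json
import os
import stat
import tempfile

# Constructed sample token; not a real Spotify credential.
SAMPLE_TOKEN = {
    "access_token": "BQD-constructed-example",
    "refresh_token": "AQB-constructed-example",
    "expires_at": 1_700_000_000,
}


def write_cache_insecure(path: str, token: dict) -> int:
    """Write the token with the process default mode (0o666 & ~umask, usually
    0o644), i.e. readable by every local user on a typical system.
    Returns the resulting permission bits."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(token, fh)
    return stat.S_IMODE(os.stat(path).st_mode)


def write_cache_hardened(path: str, token: dict) -> int:
    """Create the file owner-read/write only (0o600).

    Passing the mode to os.open applies it at creation, before any bytes are
    written, so there is no window in which a wide-open file holds the token.
    The umask can only remove bits from 0o600, never add them; os.chmod then
    covers the case where the file already existed with broader permissions
    (O_CREAT does not change the mode of an existing file)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(token, fh)
    os.chmod(path, 0o600)
    return stat.S_IMODE(os.stat(path).st_mode)


def current_umask() -> int:
    """Read the process umask without changing it (os.umask sets a new value
    and returns the old one, so set-and-restore is the portable idiom)."""
    old = os.umask(0)
    os.umask(old)
    return old


def world_readable(mode: int) -> bool:
    """True if group or others have read permission on the file."""
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def demo() -> dict:
    """Write both variants into a fresh temporary directory and report their modes."""
    with tempfile.TemporaryDirectory() as tmp:
        insecure = write_cache_insecure(os.path.join(tmp, ".cache-insecure"), SAMPLE_TOKEN)
        hardened = write_cache_hardened(os.path.join(tmp, ".cache-hardened"), SAMPLE_TOKEN)
    return {"insecure_mode": insecure, "hardened_mode": hardened}


if __name__ == "__main__":
    for name, mode in demo().items():
        print(f"{name}: {oct(mode)} world-readable={world_readable(mode)}")
```

The same check works as an audit: stat any existing token cache (the library's default is a dotfile in the working directory) and flag it if `world_readable()` returns True. On POSIX systems the hardened path always yields 0o600 regardless of umask; the insecure path yields whatever the umask leaves of 0o666.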

New PayPal Scam Tricks Users with Convincing Ads and Pages

A new scam targeting PayPal customers has been identified, using convincing Google search ads and specially-crafted PayPal pay links to deceive users. This scheme is particularly dangerous on mobile devices due to their limited screen size and the lower likelihood of having security software installed. The scammers create ads that impersonate PayPal, often using hacked […]