Dark Partners Cybercrime Gang Fuels AI and Crypto Heists
A new player has entered the cybercrime arena — and they’re not after just your passwords. The Dark Partners cybercrime gang is behind a sophisticated malware campaign that’s targeting users of AI tools, VPN services, and cryptocurrency platforms. By cloning popular websites like Windscribe, Ledger, and Sora, the gang lures victims into downloading malware disguised as legitimate software. The goal:
PumaBot Botnet Compromises Linux IoT Devices
A newly discovered botnet called PumaBot is making rounds in the cybersecurity world. Designed to infiltrate Linux-based systems, this malware takes a focused and stealthy approach, specifically targeting Internet of Things (IoT) devices and surveillance systems through brute-force SSH attacks. Here’s a closer look at how PumaBot operates, what sets it apart from other botnets, and how you can protect
LexisNexis Data Breach Exposes Tons of Personal Information
One of the largest U.S. data brokers has confirmed a security breach that compromised names, Social Security numbers, and other sensitive data. LexisNexis Risk Solutions, a major player in the data brokerage industry, has disclosed a significant data breach. It exposed the personal information of more than 364,000 individuals. The breach occurred on December 25, 2024, and was only discovered
Bumblebee Malware Returns with SEO Poisoning Campaign
Bumblebee malware has re-emerged with a clever and concerning new distribution method. Threat actors are now using search engine optimization (SEO) poisoning to push trojanized versions of trusted networking tools like Zenmap and WinMTR, successfully deceiving even tech-savvy users into downloading malicious software. This campaign underscores the growing sophistication of cyber threats and the need for constant vigilance. What Is
TikTok Videos Spread Malware via ClickFix Attacks
TikTok, the go-to platform for viral dances, life hacks, and bite-sized entertainment, has now entered the radar of cybersecurity experts for a far more sinister reason. A recent report from Trend Micro reveals that cybercriminals are using TikTok videos to spread infostealer malware in a new and deceptive tactic known as "ClickFix." What Is ClickFix? ClickFix is a social engineering
Operation Endgame: Europol Strikes a Blow to Ransomware
In a coordinated international crackdown, Europol, alongside law enforcement agencies from around the globe, has executed a sweeping operation that disrupted some of the world's most notorious ransomware operations. “Operation Endgame”, this large-scale effort resulted in the takedown of 300 servers, the neutralization of 650 domains, and the seizure of €3.5 million in cryptocurrency between May 19 and May 22,
Major Data Leak Exposed Passwords – Over 184 Million Affected
A major data leak exposed millions of passwords, including Facebook, Instagtam, Snapchat and Roblox credentials. The staggering database containing over 184 million login credentials from popular platforms was recently discovered, completely unprotected. This alarming security breach has put millions of users at risk of account takeover, identity theft, and other cyberattacks. The exposed data included plaintext usernames and passwords, suggesting
BadSuccessor Vulnerability: A New Threat in Windows Server 2025
A newly discovered vulnerability in Windows Server 2025, dubbed "BadSuccessor", is raising serious alarms in the cybersecurity community. The flaw targets a recently introduced feature called delegated Managed Service Accounts (dMSAs). It allows attackers to escalate privileges and impersonate virtually any user in Active Directory. This includes highly privileged accounts. Discovered by researchers at Akamai, this unpatched vulnerability affects environments
Malicious Chrome Extensions Are Stealing Your Data
In a new and alarming cybersecurity report, over 100 malicious Google Chrome extensions have been discovered impersonating trusted tools like Fortinet VPN, YouTube downloaders, and AI services. These deceptive extensions were designed not only to lure users with familiar branding, but also to steal sensitive browser data and inject remote scripts. This poses a major threat to anyone using the
Lumma Stealer Disrupted After Infecting 10 Million Devices
In a major win for global cybersecurity, a widespread malware campaign known as Lumma Stealer (LummaC2) has been successfully disrupted after compromising an estimated 10 million systems worldwide. This malicious software, designed to harvest sensitive personal and financial data, had quickly become a tool of choice for cybercriminals across the globe. The takedown marks one of the most significant actions
