July 28, 2025

Lumma Infostealer Returns After Global Takedown

The Lumma infostealer malware has made a swift comeback after a coordinated takedown effort by global law enforcement agencies in May 2025. Despite the seizure of over 2,300 domains and major disruption to its infrastructure, the malware-as-a-service (MaaS) platform has bounced back with new distribution tactics and restored capabilities. Major Disruption, Minor Setback Lumma, also known as LummaC2, was targeted

July 20, 2025

LameHug Malware Uses LLM to Automate Windows Data Theft

LameHug, a newly discovered Python-based malware, is raising alarms in the cybersecurity world by becoming the first known malicious tool to leverage a large language model (LLM) in real time. This cutting-edge threat utilizes Hugging Face’s Qwen 2.5‑Coder‑32B‑Instruct model to dynamically craft Windows commands used for data theft and system reconnaissance, making detection and mitigation significantly more challenging. A New

July 19, 2025

Google Sues Badbox 2.0 Operators Behind 10 Million Device Botnet

Google sues Badbox 2.0 operators in a sweeping legal move to disrupt one of the largest Android botnets ever recorded. The tech giant’s lawsuit targets anonymous actors responsible for distributing malware through uncertified Android devices, primarily cheap TV streaming boxes. Over 10 million devices worldwide have been compromised. Filed in the Southern District of New York, the case aims to

July 18, 2025

Army Hacker Extortion Case: U.S. Soldier Pleads Guilty in Tech Firm Attacks

A U.S. Army soldier has pleaded guilty to a shocking cyber extortion scheme that targeted major tech and telecom companies while he was actively serving. The Army hacker extortion case reveals how Cameron John Wagenius, 21, exploited his military status and technical tools to breach company networks, steal data, and demand ransom payments. Who Is Cameron Wagenius? Wagenius was stationed

July 12, 2025

SatanLock Ransomware Group Abruptly Shuts Down, Leaks Stolen Data

The notorious SatanLock ransomware gang has unexpectedly announced its shutdown. The announcement raises fresh questions about the shifting dynamics within the cybercriminal ecosystem. The gang revealed this on July 9, 2025, via the group’s dark web site and Telegram channel. It turns out they are not only ending their operations but have also decided to leak all victim files. A Short-Lived

July 11, 2025

Malicious Extensions Hijack Chrome and Edge Users

A new large-scale browser security incident has compromised millions of users worldwide. Eighteen popular Chrome and Edge extensions, once trusted by users, have been quietly turned into malicious tools, redirecting users to phishing websites and collecting sensitive browsing data. This alarming discovery highlights the growing threat of 'sleeper agent' extensions—tools that start off clean but turn rogue through stealth updates.

July 10, 2025

Leaked Shellter Elite Tool Abused by Cybercriminals

A legitimate cybersecurity tool designed for penetration testing has become the latest weapon in the arsenal of cybercriminals, raising fresh concerns about the responsible disclosure of security threats. Shellter Elite, a widely used red-team utility, was leaked earlier this year. Hackers have since abused it to deploy infostealer malware in a string of cyberattacks. From Pentesting to Cybercrime Shellter Elite's

July 9, 2025

Fake Solana Bot on GitHub Steals Users’ Crypto Wallets

A new cybersecurity threat is targeting crypto enthusiasts using Solana's trading ecosystem. Security researchers from SlowMist have uncovered a malicious GitHub repository posing as a legitimate trading bot for Solana's popular Pump.fun platform. Instead of helping users make trades, the malware embedded in this fake Solana bot steals sensitive wallet information. The Scam: Malicious GitHub Repository The fraudulent repository, named

July 6, 2025

Fake Crypto Wallet Extensions Flood Firefox Store

A recent surge of malicious browser extensions targeting cryptocurrency users has been uncovered in the Firefox Add-ons Store, putting unsuspecting users at risk of devastating financial losses. Cybersecurity researchers have identified over 40 fake wallet extensions impersonating popular crypto wallets, including MetaMask, Coinbase Wallet, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero. This malicious campaign, dubbed "FoxyWallet," has been active

July 5, 2025

Fake Websites Target Shoppers Ahead of Amazon Prime Day

As Amazon Prime Day approaches (July 8-11, 2025), cybercriminals are capitalizing on the shopping frenzy by unleashing a wave of fake websites designed to scam unsuspecting consumers. Recent research by cybersecurity experts at NordVPN has revealed the existence of over 120,000 fraudulent websites mimicking Amazon in just the past two months. What is Prime Day? Prime Day, one of the
