Rhadamanthys Infostealer Disruption Shakes Cybercrime Market
The Rhadamanthys infostealer disruption has sent shockwaves through the cybercrime world. In early November 2025, operators and paying "customers" suddenly lost access to their web panels and servers. SSH logins switched to certificate-only mode without warning, leaving hackers locked out of their own tools. This abrupt shutdown may indicate a coordinated law enforcement action, potentially linked to Europe’s ongoing Operation

Fake Microsoft Teams Installers Push Oyster Malware in Malvertising Attack
Fake Microsoft Teams installers push Oyster malware through a new malvertising campaign. Cybercriminals exploit paid ads to trick people into downloading malware instead of legitimate software. By imitating Microsoft’s trusted collaboration platform, attackers increase the chances of success. This campaign is especially concerning because Microsoft Teams is a core tool for remote work and daily business communication. Employees often search

TamperedChef Infostealer Hides in Fake PDF Editing App
The TamperedChef infostealer has emerged as a serious threat, hiding inside a fraudulent PDF editor promoted through Google Ads. This deceptive campaign tricked users into downloading an app that appeared legitimate, only to later activate malicious features. With delayed activation and credential theft, the campaign shows how cybercriminals continue to evolve their tactics.
Malvertising and the Fake PDF Tool
Attackers

Lumma Infostealer Returns After Global Takedown
The Lumma infostealer malware has made a swift comeback after a coordinated takedown effort by global law enforcement agencies in May 2025. Despite the seizure of over 2,300 domains and major disruption to its infrastructure, the malware-as-a-service (MaaS) platform has bounced back with new distribution tactics and restored capabilities.
Major Disruption, Minor Setback
Lumma, also known as LummaC2, was targeted

Steam Malware Attack Targets Chemia Early Access Game
Hackers have compromised the early access Steam game Chemia, injecting it with info-stealing malware and endangering unsuspecting players. The attack marks the third major Steam-related malware campaign in 2025, raising urgent concerns about the platform’s ability to vet developer uploads.
Malware Hidden in Game Files
The threat actor known as EncryptHub, also tracked as Larva‑208, tampered with the official Chemia

Fake AI Gaming Firms Target Crypto Users with Malware Scam
Cybercriminals are using fake AI and gaming firms to trick cryptocurrency users into installing malware. These fake companies use professional websites, social media presence, and direct outreach to convince victims to download what they claim is "beta software", but it is actually malware designed to steal wallet credentials and other sensitive data. The campaign, active since early 2024 and still growing,

Leaked Shellter Elite Tool Abused by Cybercriminals
A legitimate cybersecurity tool designed for penetration testing has become the latest weapon in the arsenal of cybercriminals, raising fresh concerns about the responsible disclosure of security threats. Shellter Elite, a widely used red-team utility, was leaked earlier this year. Hackers have since abused it to deploy infostealer malware in a string of cyberattacks.
From Pentesting to Cybercrime
Shellter Elite's

U.S. Sanctions Aeza Group for Hosting Ransomware Infrastructure
The U.S. Treasury Department has imposed sanctions on Russian internet service provider Aeza Group, accusing the company of knowingly supporting cybercriminal activities by hosting servers used in ransomware and infostealer operations. This move marks a significant escalation in the United States’ ongoing efforts to disrupt the infrastructure that underpins global cybercrime.
Aeza Group: A Safe Haven for Cybercriminals
Aeza Group,

Fake Zoom Campaign Steals Your Credentials: What To Do?
In a troubling new cybercrime campaign, hackers are deploying fake versions of the popular Zoom video conferencing app to steal sensitive personal data — including login credentials and cryptocurrency wallets. This scheme marks yet another evolution in phishing tactics, with attackers mimicking trusted software to target unsuspecting users.
A Familiar App With a Dangerous Twist
Security researchers have discovered several

Godfather Malware Is Coming for Your Banking Apps
A new wave of Android-targeting malware is sweeping across devices, and this one is after your money. Called Godfather malware, this powerful banking trojan disguises itself as legitimate apps while quietly hijacking your personal data, banking credentials, and even bypassing two-factor authentication.
What Is Godfather Malware?
Godfather is an Android banking trojan designed to steal login credentials by impersonating over
