Fake AI Gaming Firms Target Crypto Users with Malware Scam
Cybercriminals are using fake AI and gaming firms to trick cryptocurrency users into installing malware. These fake companies use professional websites, social media presence, and direct outreach to convince victims to download what they claim is "beta software". But it's actually malware designed to steal wallet credentials and other sensitive data. The campaign, active since early 2024 and still growing,
PerfektBlue: Critical Bluetooth Bug Puts Modern Vehicles at Risk
A newly disclosed set of Bluetooth vulnerabilities is putting millions of modern vehicles at serious risk. The flaws, discovered in the Bluetooth stack used in many car infotainment systems, could allow remote attackers to execute malicious code, all without the victim realizing anything is wrong. The attack, named PerfektBlue, targets a widely deployed software library called BlueSDK, developed by Berlin-based
Malicious Extensions Hijack Chrome and Edge Users
A new large-scale browser security incident has compromised millions of users worldwide. Eighteen popular Chrome and Edge extensions, once trusted by users, have been quietly turned into malicious tools, redirecting users to phishing websites and collecting sensitive browsing data. This alarming discovery highlights the growing threat of 'sleeper agent' extensions—tools that start off clean but turn rogue through stealth updates.
Leaked Shellter Elite Tool Abused by Cybercriminals
A legitimate cybersecurity tool designed for penetration testing has become the latest weapon in the arsenal of cybercriminals, raising fresh concerns about the responsible disclosure of security threats. Shellter Elite, a widely used red-team utility, was leaked earlier this year. Hackers have since abused it to deploy infostealer malware in a string of cyberattacks. From Pentesting to Cybercrime Shellter Elite's
IconAds, a Massive Mobile Ad-Fraud Operation Disrupted
A sophisticated mobile ad-fraud operation, named "IconAds," has been disrupted. The dismantling came after it was discovered that 352 Android applications were secretly bombarding users with intrusive ads while hiding their presence on devices. This extensive campaign, which peaked at over 1.2 billion ad bid requests daily, primarily targeted users in Brazil, Mexico, and the United States. How the IconAds
U.S. Sanctions Aeza Group for Hosting Ransomware Infrastructure
The U.S. Treasury Department has imposed sanctions on Russian internet service provider Aeza Group, accusing the company of knowingly supporting cybercriminal activities by hosting servers used in ransomware and infostealer operations. This move marks a significant escalation in the United States’ ongoing efforts to disrupt the infrastructure that underpins global cybercrime. Aeza Group: A Safe Haven for Cybercriminals Aeza Group,
Fake Zoom Campaign Steals Your Credentials: What To Do?
In a troubling new cybercrime campaign, hackers are deploying fake versions of the popular Zoom video conferencing app to steal sensitive personal data — including login credentials and cryptocurrency wallets. This scheme marks yet another evolution in phishing tactics, with attackers mimicking trusted software to target unsuspecting users. A Familiar App With a Dangerous Twist Security researchers have discovered several
WordPress Theme Hijacked by Malware: What You Need to Know
A popular WordPress themes got hijacked by malware. A critical security flaw in one of the most widely used premium WordPress themes has put thousands of websites at risk. The Motors theme, developed by StylemixThemes and commonly used for car dealership and classified sites, has been found vulnerable to a serious exploit. Cybercriminals now actively use this exploit to hijack
Godfather Malware Is Coming for Your Banking Apps
A new wave of Android-targeting malware is sweeping across devices, and this one is after your money. Called Godfather malware, this powerful banking trojan disguises itself as legitimate apps while quietly hijacking your personal data, banking credentials, and even bypassing two-factor authentication. What Is Godfather Malware? Godfather is an Android banking trojan designed to steal login credentials by impersonating over
Hijacked Discord Invites Spawn Multi-Stage Malware Chains
A Discord invite you embedded in a blog post, social‑media thread, or product FAQ last year may no longer point to the community you intended. Because Discord allows boosted servers to re‑claim expired or deleted vanity codes, threat actors exploit hijacked abandoned Discord invites, attaching them to their own servers, and funnelling visitors into a slick, but malicious, “verification” flow.
