July 20, 2025

LameHug Malware Uses LLM to Automate Windows Data Theft

LameHug, a newly discovered Python-based malware, is raising alarms in the cybersecurity world by becoming the first known malicious tool to leverage a large language model (LLM) in real time. This cutting-edge threat utilizes Hugging Face’s Qwen 2.5‑Coder‑32B‑Instruct model to dynamically craft Windows commands used for data theft and system reconnaissance, making detection and mitigation significantly more challenging. A New

LameHug Malware
July 17, 2025

Fake AI Gaming Firms Target Crypto Users with Malware Scam

Cybercriminals are using fake AI and gaming firms to trick cryptocurrency users into installing malware. These fake companies use professional websites, social media presence, and direct outreach to convince victims to download what they claim is "beta software". But it's actually malware designed to steal wallet credentials and other sensitive data. The campaign, active since early 2024 and still growing,

Fake AI Gaming Firms
July 14, 2025

PerfektBlue: Critical Bluetooth Bug Puts Modern Vehicles at Risk

A newly disclosed set of Bluetooth vulnerabilities is putting millions of modern vehicles at serious risk. The flaws, discovered in the Bluetooth stack used in many car infotainment systems, could allow remote attackers to execute malicious code, all without the victim realizing anything is wrong. The attack, named PerfektBlue, targets a widely deployed software library called BlueSDK, developed by Berlin-based

PerfektBlue
July 11, 2025

Malicious Extensions Hijack Chrome and Edge Users

A new large-scale browser security incident has compromised millions of users worldwide. Eighteen popular Chrome and Edge extensions, once trusted by users, have been quietly turned into malicious tools, redirecting users to phishing websites and collecting sensitive browsing data. This alarming discovery highlights the growing threat of 'sleeper agent' extensions—tools that start off clean but turn rogue through stealth updates.

Malicious Extensions Hijack Chrome and Edge Users
July 10, 2025

Leaked Shellter Elite Tool Abused by Cybercriminals

A legitimate cybersecurity tool designed for penetration testing has become the latest weapon in the arsenal of cybercriminals, raising fresh concerns about the responsible disclosure of security threats. Shellter Elite, a widely used red-team utility, was leaked earlier this year. Hackers have since abused it to deploy infostealer malware in a string of cyberattacks. From Pentesting to Cybercrime Shellter Elite's

Leaked Shellter Elite Tool
July 4, 2025

IconAds, a Massive Mobile Ad-Fraud Operation Disrupted

A sophisticated mobile ad-fraud operation, named "IconAds," has been disrupted. The dismantling came after it was discovered that 352 Android applications were secretly bombarding users with intrusive ads while hiding their presence on devices. This extensive campaign, which peaked at over 1.2 billion ad bid requests daily, primarily targeted users in Brazil, Mexico, and the United States. How the IconAds

IconAds Operation
July 2, 2025

U.S. Sanctions Aeza Group for Hosting Ransomware Infrastructure

The U.S. Treasury Department has imposed sanctions on Russian internet service provider Aeza Group, accusing the company of knowingly supporting cybercriminal activities by hosting servers used in ransomware and infostealer operations. This move marks a significant escalation in the United States’ ongoing efforts to disrupt the infrastructure that underpins global cybercrime. Aeza Group: A Safe Haven for Cybercriminals Aeza Group,

Aeza Group Sanctioned
July 1, 2025

Fake Zoom Campaign Steals Your Credentials: What To Do?

In a troubling new cybercrime campaign, hackers are deploying fake versions of the popular Zoom video conferencing app to steal sensitive personal data — including login credentials and cryptocurrency wallets. This scheme marks yet another evolution in phishing tactics, with attackers mimicking trusted software to target unsuspecting users. A Familiar App With a Dangerous Twist Security researchers have discovered several

Fake Zoom Campaign Steals Credentials
June 25, 2025

WordPress Theme Hijacked by Malware: What You Need to Know

A popular WordPress themes got hijacked by malware. A critical security flaw in one of the most widely used premium WordPress themes has put thousands of websites at risk. The Motors theme, developed by StylemixThemes and commonly used for car dealership and classified sites, has been found vulnerable to a serious exploit. Cybercriminals now actively use this exploit to hijack

WordPress Theme Hijacked
June 23, 2025

Godfather Malware Is Coming for Your Banking Apps

A new wave of Android-targeting malware is sweeping across devices, and this one is after your money. Called Godfather malware, this powerful banking trojan disguises itself as legitimate apps while quietly hijacking your personal data, banking credentials, and even bypassing two-factor authentication. What Is Godfather Malware? Godfather is an Android banking trojan designed to steal login credentials by impersonating over

Godfather malware