LucidRook Malware Targets NGOs and Universities in Taiwan
A sophisticated new threat has emerged from the cybersecurity research community's radar. LucidRook malware is the name researchers have given to a newly identified tool used in highly targeted spear-phishing attacks against non-governmental organizations and universities in Taiwan. The attacks, first observed in October 2025, were not the work of opportunistic criminals. They bear the hallmarks of a disciplined, well-resourced
VENOM Phishing Campaign Targets Executives, Bypasses MFA
A sophisticated new phishing operation is going after the people at the top. The VENOM phishing campaign, uncovered by researchers at Abnormal AI, has been quietly targeting CEOs, CFOs, and other senior executives since at least November 2025. It uses a purpose-built platform to steal Microsoft 365 credentials and maintain access to corporate accounts — even after victims change their
Bitcoin Depot Data Breach: $3.6M in Bitcoin Stolen
The Bitcoin Depot data breach has put one of North America's largest crypto ATM operators in the spotlight for all the wrong reasons. Hackers broke into the company's internal systems and walked away with approximately 50.9 Bitcoin — worth around $3.665 million — from corporate settlement accounts. The company disclosed the incident via an SEC filing on April 8, 2026,
US Cybercrime Losses Record: $16.6 Billion Lost in FBI Report
Americans lost more money to cybercrime in 2024 than ever before. The FBI's Internet Crime Complaint Center received over 859,000 complaints last year, with reported losses reaching a record $16.6 billion — a 33% surge from the year before. The US cybercrime losses record reflects not just more attacks, but more damaging ones, with the average victim losing nearly $19,400.
Who Ran REvil Ransomware? Germany Finally Has Answers
For years, one of the most feared names in cybercrime belonged to no one — at least, no one with a face or a real identity. That changed this week. Germany's Federal Criminal Police Office, the Bundeskriminalamt (BKA), has publicly identified two Russian nationals as the men who ran both GandCrab and REvil ransomware — the criminal operations that extorted
Drift Protocol Hack: North Korea’s $280M Long Con
The Drift Protocol hack stands as one of the most elaborate cryptocurrency thefts ever recorded. Attackers did not find a bug, write an exploit, and strike overnight. They spent six months building relationships, attending conferences, depositing real money, and embedding themselves inside a live trading platform before making their move. What Is Drift Protocol? Drift Protocol is a decentralized trading
Fake Claude Code Repos on GitHub Are Spreading Malware
Anthropic's accidental leak of the Claude Code source code on March 31 set off a frenzy of downloads across GitHub. Developers, researchers, and the simply curious all rushed to grab the exposed files. Criminals saw that rush and moved fast. Within 24 hours, fake GitHub repositories carrying Claude Code malware were live — and actively appearing in Google search results
NoVoice Malware Hits 2.3 Million Android Devices via Google Play
A new Android rootkit campaign called NoVoice malware has been discovered hiding inside more than 50 apps on Google Play. The apps collected at least 2.3 million downloads before being removed. Researchers warn that millions of devices may still be compromised. What Is NoVoice Malware? NoVoice malware is a rootkit. That means it burrows into the deepest layers of a
CrystalX RAT: The Malware That Spies, Steals, and Trolls You
A new piece of Windows malware is turning heads in the cybersecurity world. CrystalX RAT is a remote access Trojan discovered in early 2026. It combines spyware, credential theft, and cryptocurrency hijacking with "prankware" features. These features flip your screen, scramble your mouse buttons, and lock your keyboard, all while quietly draining your data in the background. What Is CrystalX
