Latest coverage for Victims

Those backup plans need backup testing

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term memory

Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT

Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems

Attackers exploited Meta’s AI support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. Attackers abused Meta’s AI-powered support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. The issue affected several users, including high-profile accounts, before Instagram fixed the flaw. Security researcher Jane Wong and other […]

Zachary Sweeney allegedly traveled to New York, Indiana, Missouri and Georgia to meet and harm numerous victims in person. The FBI began investigating him in 2023. The post Tennessee man linked to 764 accused of series of crimes against children dating back to 2022 appeared first on CyberScoop.

Threat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systems

ESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against organizations around the globe

A Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and fr cyberattacks targeting dozens of other U.S. victims. [...]

Travel and leisure giant was just one of many victims of the cybercrooks' crime spree this year

Silent Ransom Group isn’t prolific, but it's demonstrated a knack for attacking the legal services sector with an extraordinary dual use of social engineering and in-person visits to victims’ workstations. The post FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person appeared first on CyberScoop.

Suspected Russian Crime Group Built Resilient Command-and-Control InfrastructureIn a joint operation, CrowdStrike, Google and Shadowserver Foundation disrupted infrastructure used by the Glassworm cybercrime group, cutting off attackers from victims. The group has wielded a remote access Trojan to repeatedly target developers of widely used open-source software.

A 5-year study on the Ransomware Economy found that 30,515 exposed databases were hit by ransom attacks, causing massive damage despite victims never paying. Database extortion doesn’t look like the ransomware stories that usually grab headlines. There’s no slick branding, no leak-site countdown, no gang posting memes on Telegram. In most cases, there’s just a […]

TrendAI™ Research analyzed an intrusion where threat actors used the EtherHiding technique to route ClearFake payload delivery through smart contracts on the BNB Smart Chain testnet. The attack chain ended with two simultaneously deployed stealers, SectopRAT and ACRStealer alongside an on-chain execution tracker that confirmed each victim compromise in real time.

Supply-Chain Attack Uses Malicious GitHub Actions Workflow File to Steal SecretsMore than 5,000 GitHub repositories fell victim to an automated campaign, codenamed "Megalodon," in which an attacker injected malicious GitHub Actions that executed a script designed to steal development environment secrets, plus a variety of keys, tokens and other credentials, researchers said.

Hey, Gemini, how much can we earn from one pump-and-dump cycle?

The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.

Recent Hacks Underscore Persistent and Growing Threats to Smaller OrganizationsSmall and mid-sized healthcare organizations - including medical specialty practices and regional clinics - continue to fall victim disproportionately to hacking incidents, including ransomware attacks and data thefts - affecting large populations of patients. Why does this keep happening?

Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services

'Thousands' of US victims, including 12+ machines owned and operated by Redmond