ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
The internet did not break this week. It got used exactly as designed, which is worse
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The internet did not break this week. It got used exactly as designed, which is worse
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff
Operation Ramz resulted in 201 arrests and disrupted phishing services, malware and financial scams. The post Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa appeared first on CyberScoop.
Cybersecurity researchers have uncovered a large-scale fraud operation that uses Telegram's Mini App feature to run crypto scams, impersonate well-known brands, and distribute Android malware. [...]
A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other malware.
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverified developers in an attempt to balance openness with safety
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data
INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency's ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams
150k accounts nuked, 21 suspects arrested Not every scam starts with malware or a compromised account. Sometimes all it takes is a friend request or a link shared via chat.…
Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma infostealer the keys to their browser vault.…
Crims hope for payday from malicious payloads rather than stealing access tokens Microsoft has warned organizations about ongoing OAuth abuse scams that use phishing emails and URL redirects to infect victims' machines with malware and take over their devices.…
Bitcoin Joining Fee for Affiliates and No Proven Victims Cited by ResearchersNewcomer ransomware group 0APT is being branded a "likely scam operation," not least after a list of over 200 supposed victims turned out to be bogus, if not entirely AI-generated - never mind a 1 bitcoin joining fee for would-be affiliates and outdated crypto-locking malware.
The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT.
Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now configured to redirect visitors to sites that foist scams and malware.
Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber world
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed accordingly to defraud or evade.
Cybercrime has stopped being a problem of just the internet — it’s becoming a problem of the real world. Online scams now fund organized crime, hackers rent violence like a service, and even trusted apps or social platforms are turning into attack vectors
Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat ActorA gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers.
Keeping Pyongyang's coffers full North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools, including a backdoor that has much of the same code as Pyongyang's infamous Lazarus Group deploys.…