A sophisticated information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to Windows users, with initial detections dating back to April 2025. This .NET-based malware specifically targets stored credentials in web browsers and authentication tokens from popular messaging applications,…
FBI, Microsoft, international cops bust Lumma infostealer service
Credit card theft losses in 2023 alone totaled $36.5M. International cops working with Microsoft have shut down infrastructure and seized web domains used to run a distribution service for info-stealing malware Lumma. Criminals paid $250 to $1,000 a month to…
Russia’s Fancy Bear swipes a paw at logistics, transport orgs’ email servers
Their connection? Aiding Ukraine, duh. Russian cyberspies have targeted “dozens” of Western and NATO-country logistics providers, tech companies, and government orgs providing transport and foreign assistance to Ukraine, according to a joint government announcement issued Wednesday.… This article has been…
Wyden: AT&T, T-Mobile, and Verizon weren’t notifying senators of surveillance requests
Sen. Ron Wyden said in a letter that one U.S. phone carrier turned over Senate data to law enforcement without notifying the target. This article has been indexed from Security News | TechCrunch Read the original article: Wyden: AT&T, T-Mobile,…
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked…
Epic Games’ Fortnite Returns To Apple App Store In US, After Court Ruling
Through gritted teeth? Fortnite has returned to Apple’s App Store in the US, after judge’s stunning reprimand of Apple. This article has been indexed from Silicon UK Read the original article: Epic Games’ Fortnite Returns To Apple App Store In…
Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation
Redmond’s threat hunters found 394,000 Windows systems talking to Lumma controllers, a victim pool that included global manufacturers. The post Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Lumma Stealer Malware-as-a-Service operation disrupted
A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is Malware-as-a-Service offering…
What is a firewall and why do I need one?
A firewall is a network security device that prevents unauthorized access to a network by inspecting incoming and outgoing traffic using a set of predetermined security rules. This article has been indexed from Search Security Resources and Information from TechTarget…
Coinbase confirms insiders handed over data of 70K users
Bribed support staff were identified and fired. Coinbase says the data of nearly 70,000 customers was handed over by overseas support staff who were bribed by criminals to give up the goods.… This article has been indexed from The Register…
Hackers Masquerade as Organizations to Steal Payroll Logins and Redirect Payments from Employees
ReliaQuest, hackers have deployed a cunning search engine optimization (SEO) poisoning scheme to orchestrate payroll fraud against a manufacturing sector customer. This deceptive strategy involves crafting fake authentication portals that mirror legitimate organizational login pages, manipulating search engine results to…
Docker Zombie Malware Infects Containers for Crypto Mining and Self-Replication
A novel malware campaign targeting containerized infrastructures has emerged, exploiting insecurely exposed Docker APIs to spread malicious containers and mine Dero cryptocurrency. Dubbed a “Docker zombie outbreak” by cybersecurity researchers at Kaspersky, this attack leverages a self-replicating propagation mechanism to…
Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security
A sophisticated new injection campaign has been uncovered, targeting mobile users through malicious third-party JavaScript to deliver a Chinese adult-content Progressive Web App (PWA) scam. This attack, which redirects users to sites like hxxps://xjdm166[.]com, leverages the unique capabilities of PWAs…
CISA Warns of Russian Hackers Attacking Logistics & IT Companies with Windows Utilities
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners, released a joint advisory today warning that Russian military intelligence hackers are targeting Western logistics companies and technology…
PowerDNS Vulnerability Let Attackers Trigger DoS Attack Via Malicious TCP Connection
PowerDNS has released a critical update to address a high-severity vulnerability in its DNS proxy and load balancer, DNSdist, that could allow unauthenticated attackers to cause service disruptions through specially crafted TCP connections. The vulnerability, tracked as CVE-2025-30193 with a…
Windows 11 Administrator Protection Enhances Security Against Elevated Privileges Attacks
Microsoft’s upcoming Administrator protection feature for Windows 11 represents a significant architectural overhaul of Windows security, designed to combat the growing threat of privilege escalation attacks. This new security layer addresses the vulnerabilities associated with traditional administrator accounts by implementing…
IBM Warns of One-Third of Cyber Attacks are Highly Sophisticated to Steal Login Credentials
In a concerning revelation from the latest IBM X-Force 2025 Threat Intelligence Index, approximately one-third of cyber attacks now involve highly sophisticated techniques aimed at stealing login credentials rather than employing traditional brute-force hacking methods. The report highlights that 30%…
Sophisticated & Stealthy Formjacking Malware Targets E-Commerce Checkout Pages
The Wordfence Threat Intelligence team recently uncovered a sophisticated formjacking malware targeting WooCommerce sites. This malware injects a fake payment form into legitimate checkout processes and exfiltrates sensitive customer data to a remote Command & Control (C2) server. Unlike traditional…
Google Returns To Smart Glasses With Kering Eyewear Partnership
Google is once again re-entering the smart glasses market through a partnership with a French firm for its Android XR AI glasses. This article has been indexed from Silicon UK Read the original article: Google Returns To Smart Glasses With Kering Eyewear…