Security Affairs

APRIL 21, 2025

Check Point Research team reported that Russia-linked cyberespionage group APT29 (aka SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) is behind a sophisticated phishing campaign targeting European diplomatic entities, using a new WINELOADER variant and a previously unknown malware called GRAPELOADER.

Malware 108

Malware Phishing Encryption Hacking 108

Security Affairs

APRIL 7, 2025

“PoisonSeed threat actors are targeting enterprise organizations and individuals outside the cryptocurrency industry.They have been phishing CRM and bulk email providers credentials to export email lists and send bulk spam from the accounts. The scheme mimics security steps to mislead users into self-compromising.

Scams 77

Scams Cryptocurrency Phishing Cybercrime 77

Security Affairs

JANUARY 5, 2025

The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware. Upon executing the archive, it drops a malicious Windows executable, which eventually downloads and executesthe PLAYFULGHOST payloadfrom a remote server. sys driver.

Malware 134

Malware Encryption Phishing Hacking 134

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns. Clicking the “Download PDF” button leads to a zip payload from MediaFire.

Banking 92

Banking Phishing Malware Passwords 92

Security Affairs

NOVEMBER 15, 2024

Gen Digital observed phishing campaigns distributing the Glove Stealer. The campaign observed by researchers used a phishing message with an HTML file attachment. To extract cookies from Chromium-based browsers, it downloads a module from the C&C to bypass App-Bound encryption.

Encryption 120

Encryption Password Management Cryptocurrency Social Engineering 120

Security Affairs

MAY 28, 2025

Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools Intelligence (DTI) researchers warn of a malicious campaign using a fake website (bitdefender-download[.]com) 160 on port 4449.

Antivirus 124

Antivirus Malware Banking Passwords 124

Security Affairs

JULY 18, 2025

The software can be downloaded from the police website and Europol’s NoMoreRansom site. Threat actors behind Phobos attacks were observed gaining initial access to vulnerable networks by leveraging phishing campaigns. The tool works on files with extensions like.phobos,8base,elbie,faust, and.LIZARD, and may support others.

Ransomware 132

Ransomware Encryption Malware Cybercrime 132

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. “The Nebulous Mantis team, which changes the domains they use every month, obtains these spear-phishing and C2 servers from LuxHost and AEZA bulletproof hosting (BPH) services.”

Encryption 105

Encryption Ransomware Malware Phishing 105

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. Document.docx: A disguised batch file that downloads more malware.

Malware 89

Malware Scams Media Artificial Intelligence 89

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 88

Small Business Cybersecurity Scams Passwords 88

Security Affairs

MARCH 24, 2025

Initially, the group published screenshots of stolen data as proof of the attack, now the whole archive can be downloaded from the leak page. The group said that the waiting period had expired and claimed the theft of 134GB of sensitive data. ” reads a report published by Halcyon.

Ransomware 107

Ransomware Hacking Social Engineering Manufacturing 107

SecureList

DECEMBER 16, 2024

The number of unique threads about drainers on the dark web ( download ) In fact, in 2024, Telegram channels were a prominent hub for drainer-related activity. Increase in high-profile law enforcement operations against cybercrime groups 2024 was a significant year in the global high-profile fight against cybercrime.

Marketing 103

Marketing Data breaches Cryptocurrency Malware 103

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Amazon Online Shopping was mimicked by 33.19% of all phishing and scam pages targeting online store users in 2024. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7

Phishing 72

Phishing Banking Scams Mobile 72

Security Affairs

JANUARY 22, 2025

It extracts Python backdoors from ZIP files downloaded via remote SharePoint links and employs techniques associated with the FIN7 threat actor. Once access was established, the attacker used a web browser to download a malicious payload, which was split into parts, reassembled, and unpacked to deploy malware.

Ransomware 98

Ransomware Malware Social Engineering Phishing 98

Malwarebytes

FEBRUARY 4, 2025

Generative AI tools can more convincingly write phishing emails so that the tell-tale signs of a scamlike misspellings and clumsy grammarare all but gone. Cybercrime is a very mature field that relies on a set of well-established tools, such as phishing, information stealers, and ransomware that are already feature complete.

Artificial Intelligence 143

Artificial Intelligence Small Business Malware Technology 143

Security Affairs

FEBRUARY 4, 2025

The Coyote Banking Trojan supports multiple malicious functions, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials. ” The decrypted MSIL file maintains persistence by modifying the Windows registry to execute a PowerShell command that downloads the Coyote Banking Trojan.

Banking 122

Banking Malware Antivirus Cyber threats 122

Security Affairs

JULY 7, 2025

Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents. It also downloads a new malware stage ( javav.exe ) and sets a startup shortcut to launch it on reboot, continuing the infection cycle.

Spyware 92

Spyware Malware Phishing Encryption 92

Malwarebytes

FEBRUARY 19, 2025

But over time, the developers behind TrickBot began adding alarming new features, including the capabilities to steal Outlook credentials, disable Windows Defender, and even to download and deliver additional, separate malware onto infected devices. But in the world of cybercrime, malware features only mean so much.

Malware 129

Malware Software Passwords Cryptocurrency 129

Malwarebytes

DECEMBER 18, 2024

Fake-faced executives The first example is a phishing campaign targeting Securitas OneID. The threat actors are very cautious about avoiding detection by running ads that most of the time redirect to a completely bogus page unrelated to what one would expect, namely a phishing portal. It doesn’t seem like it… yet.

Engineering 100

Engineering Artificial Intelligence Phishing Risk 100

Security Affairs

JULY 7, 2025

Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents. It also downloads a new malware stage ( javav.exe ) and sets a startup shortcut to launch it on reboot, continuing the infection cycle.

Spyware 79

Spyware Malware Phishing Encryption 79

Security Affairs

MAY 4, 2025

CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations FBI shared a list of phishing domains associated with the LabHost PhaaS platform Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack (..)

Cybercrime 75

Cybercrime Cyber Attacks Malware Phishing 75

Malwarebytes

MARCH 17, 2025

While Google searches are probably one of the most common tasks for any vacation planning, the results that people see can be manipulated through a type of cybercrime called malvertising , short for “malicious advertising. Keep threats off your devices by downloading Malwarebytes today.

Scams 98

Scams Passwords VPN Backups 98

Security Affairs

DECEMBER 31, 2024

Threat actors targeted the publishers of the extensions on the Chrome Web Store via phishing messages, then once obtained access to their account inserted a malicious code into the code of the extensions. “On December 24, a phishing attack compromised a Cyberhaven employee’s credentials to the Google Chrome Web Store.

Hacking 70

Hacking Phishing VPN Malware 70

Malwarebytes

MARCH 20, 2025

Google Ads crew pivots Back in January, we documented a large phishing campaign targeting Google accounts via Google Ads using a very specific technique that abused Google Sites. For new projects, the SaaS platform requests validation from a Google account to allow Semrush to see and download GA and GSC data.

Scams 67

Scams Accountability Phishing Advertising 67

Security Affairs

DECEMBER 12, 2024

Microsoft also assesses that in January 2024, Secret Blizzard used the backdoor of Storm-1837, a Russia-based threat actor, to download the Tavdig and KazuarV2 backdoors on a target device in Ukraine. This approach highlights the groups strategy of blending cybercrime with targeted cyber-espionage activities. dll and clip64.dll

Cybercrime 52

Cybercrime Malware Hacking Cryptocurrency 52

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. This increase is likely driven by high employee turnover and easy access to phishing kits. Meanwhile, “RansomHub” is rising rapidly due to its attractive ransomware-as-a-service (RaaS) model.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Malwarebytes

JUNE 30, 2025

The February spike shows this isn’t random, it’s methodical business development in the cybercrime space. Smishing (SMS phishing) has quickly become one of the most effective tools in the attacker’s playbook. Keep threats off your mobile devices by downloading Malwarebytes for iOS , and Malwarebytes for Android today.

Mobile 101

Mobile Malware Spyware Scams 101

BH Consulting

JUNE 30, 2025

The annual report from Europol’s European Cybercrime Centre draws upon thousands of investigations that Europol supported over the past year. The full 76-page report is available to download. Links we liked If Troy Hunt can fall for a phishing scam, who’s safe? MORE Ubikron is an AI-powered OSINT tool, and it’s free.

Scams 59

Scams DNS Marketing Accountability 59

Malwarebytes

JUNE 26, 2025

These jailbroken AIs could generate unrestricted content, including malicious code , phishing emails , and social engineering scripts. Keep threats off your devices by downloading Malwarebytes today. When successful, they went on to sell these “uncensored” or “custom” large language models (LLMs) on underground forums.

Social Engineering 106

Social Engineering Malware Phishing Engineering 106

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 74

Spyware Firewall Artificial Intelligence Malware 74

Malwarebytes

FEBRUARY 3, 2025

Last week on Malwarebytes Labs: ClickFix vs. traditional download in new DarkGate campaign Cybercrime gets a few punches on the nose Microsoft advertisers phished via malicious Google ads The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?

Healthcare 66

Healthcare Data breaches Cybercrime Advertising 66

Security Boulevard

APRIL 8, 2025

Attackers use phishing, pretexting, and baiting to gain access or information. Defenders use this knowledge to create security awareness training programs and conduct phishing simulations. Download How Cybercriminals Are Using AI: Exploring the New Threat Landscape White Paper.

Cybersecurity 52

Cybersecurity Penetration Testing DNS Encryption 52

Jane Frankland

JANUARY 12, 2025

Threat Actors Cybersecurity threats are growing more complex and persistent, driven by the heightened activities of nation-state actors and increasingly sophisticated cybercrime groups. Organised Cybercrime Groups Up Their Game Cybercriminals arent resting on old tactics with cybercrime expected to hit $12 trillion in 2025.

Cybersecurity 130

Cybersecurity CISO Insurance IoT 130

Zero Day

JUNE 22, 2025

And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit. As cybercrime is global problem, it can be extremely difficult for law enforcement to prosecute the perpetrators.  What is the dark web?

Passwords 101

Passwords Data breaches Password Management Identity Theft 101

BH Consulting

APRIL 30, 2025

Verizon has an executive summary, video analysis and the full report to download from its website. Another lens on cybercrime comes courtesy of the FBIs Annual Internet Crime Report. Its top three cybercrimes, based on reports from victims, were: phishing/spoofing, extortion and personal data breaches. billion.

Data breaches 59

Data breaches Scams Cybercrime CSO 59

Trend Micro

JUNE 10, 2025

6 Alerts Back Unread All Inside the criminal mind: Trend’s deep dive into cybercrime. Worldwide 2023 Email Phishing Statistics and Examples BERT Ransomware Group Targets Asia and Europe on Multiple Platforms See all articles Trend Vision One™ - Proactive Security Starts Here. Under Attack?

Cyber Risk 52

Cyber Risk Risk Network Security Insurance 52

Zero Day

JUNE 20, 2025

And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit. As cybercrime is global problem, it can be extremely difficult for law enforcement to prosecute the perpetrators.  What is the dark web?

Passwords 106

Passwords Data breaches Password Management Identity Theft 106