EncryptHub compromised 618+ targets using Microsoft flaws and custom malware after failed freelance attempts.
Category: cybercrime/malcode – Page 3
Fast flux exploits DNS gaps to evade takedowns since 2007, enabling resilient malware and phishing operations.
In 2025, cybersecurity is gaining significant momentum. However, there are still many challenges to address.
Novice hacker Coquettte exposed through OPSEC failure using Proton66 to distribute malware and illicit content via fake antivirus sites.
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0.
The problem stems from the deserialization of untrusted data that could allow attackers with specially crafted Parquet files to gain control of target systems, exfiltrate or modify data, disrupt services, or introduce dangerous payloads such as ransomware.
The vulnerability is tracked under CVE-2025-30065 and has a CVSS v4 score of 10.0. The flaw was fixed with the release of Apache Parquet version 1.15.1.
The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to data theft and extortion-only attacks.
As threat intelligence firm Group-IB revealed this week, the cybercrime group remained active despite announcing on November 17, 2024, that it was shutting down due to declining profitability and increased government scrutiny.
Hunters International has since launched a new extortion-only operation known as “World Leaks”, which went live on January 1, 2025.
Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.
Tax-themed phishing hit 2,300 U.S. firms in Feb 2025 using QR codes and fake login pages.
Lazarus Group deploys GolangGhost via fake job interviews using ClickFix, targeting Windows/macOS users with finance roles.
An Arlington-based venture capital firm has announced it will pour $32 million in funding into cybersecurity startups.
Runtime Ventures, based out of Arlington and Austin, Texas, officially announced the capital commitment today (Wednesday).
It has already made 11 investments from the fund so far, supporting seed-stage cybersecurity companies focused on domains including code analysis, fraud protection, threat detection and browser security.