Kimsuky’s AppleSeed Returns: North Korea-Linked APT Targets Korean Users via Social Media

Kimsuky, a North Korea-linked threat group, has launched an advanced multi-platform attack targeting Korean users through social engineering and sophisticated malware. The campaign demonstrates the group’s evolving tactics, including the use of Facebook, email, and Telegram to infiltrate and exfiltrate data from victims. #Kimsuky #AppleSeed #RemoteAccessTrojan #SocialEngineering…

⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks

This cybersecurity update highlights recent critical vulnerabilities, advanced malware campaigns, and nation-state hacking activities, emphasizing the importance of proactive defense. Key incidents include Google Chrome fixing an exploited 0-day, PathWiper targeting Ukraine, and sophisticated zero-click attacks on iPhones. #ChromeZeroDay #PathWiper #SaltTyphoon…

iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals

Anomalous iPhone crashes linked to sophisticated zero-click exploits targeting a vulnerability called Nickname have been observed mainly in high-value individuals in the EU and US. These targeted attacks, associated with Chinese state-sponsored hackers, exploit iMessage vulnerabilities to potentially compromise devices without user interaction. #NicknameVulnerability #ChineseHackers…

Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025

Cybersecurity researchers have uncovered a new campaign targeting Brazilian users using malicious browser extensions and remote access tools to steal banking authentication data. The attack involves phishing emails, malware-laden installers, and sophisticated persistence techniques, affecting numerous companies and individuals. #OperationPhantomEnigma #BrazilianBankingTrojan…

Over 20 Crypto Phishing Applications Found on the Play Store Stealing Mnemonic Phrases

Over 20 malicious Android applications impersonating popular cryptocurrency wallets like PancakeSwap and SushiSwap have been found on the Google Play Store, targeting users to steal their 12-word mnemonic phrases. These apps are distributed via compromised developer accounts and use phishing URLs embedded in privacy policies to execute their attacks. #PancakeSwap #SushiSwap #Raydium #MedianFramework

In Other News: FBI Warns of BadBox 2, NSO Disputes WhatsApp Fine, 1,000 Leave CISA

This week’s cybersecurity updates highlight ongoing threats, including the BadBox 2 botnet targeting IoT devices and fraud associated with Hedera Hashgraph NFTs. Major organizations like the FBI, NSO Group, and Microsoft announced actions and initiatives to combat cyber threats and improve security resilience. #BadBox2 #NSOGroup #HederaHashgraph #CISA #MicrosoftEuropeanSecurity…

Say Hi to HelloTDS: The Infrastructure Behind FakeCaptcha

Gen Threat Labs uncovered a sophisticated Traffic Direction System called HelloTDS that selectively delivers FakeCaptcha, tech scams, and malware via infected streaming and file-sharing sites. The campaign employs advanced fingerprinting techniques and domain rotation to evade detection and target victims based on geolocation, IP address, and browser attributes. #HelloTDS #FakeCaptcha #LummaC2

Operation DRAGONCLONE: Chinese Telecommunication industry targeted via VELETRIX & VShell malware

A sophisticated cyber campaign named Operation DRAGONCLONE targeted China Mobile Tietong using VELETRIX and VShell malware, employing DLL sideloading, anti-sandbox, and IPfuscation techniques. The activity is linked to China-aligned threat groups UNC5174 and Earth Lamia, with overlaps to multiple post-exploitation tools and infrastructure. #OperationDRAGONCLONE #VELETRIX #VShell #ChinaMobileTietong #UNC5174 #EarthLamia
