XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw

The cybersecurity report reveals the resurgence of the espionage group XDSpy, showcasing its advanced tools and techniques targeting Eastern European and Russian government entities. The campaign exploits a Windows LNK vulnerability (ZDI-CAN-25373) to deploy stealthy malware like XDigo, emphasizing persistent operational security and sophisticated evasion methods. #XDSpy #XDigo #ZDI-CAN-25373…

Threats to the 2025 NATO Summit

The 2025 NATO Summit faces heightened geopolitical tensions with threats from Russian and Chinese influence operations, cyber-espionage, and hybrid warfare targeting NATO member states. Eastern European countries, especially the Baltics, Poland, and Germany, are at elevated risk of sabotage, disinformation, and coercive military actions leading up to and following the summit. #2025NATOSummit #RussianHybridWarfare #GRUUnit29155

Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data

Check Point Research uncovered a multi-stage malware campaign targeting Minecraft users via the Stargazers Ghost Network, distributed through malicious GitHub repositories impersonating popular cheats like Oringo and Taunahi. The malware chain involves Java-based loaders and a .NET stealer, developed by a Russian-speaking threat actor, that steals credentials and sensitive data from infected machines. #StargazersGhostNetwork #Oringo #Taunahi

Russia detects first SuperCard malware attacks skimming bank data via NFC

Russian cybersecurity experts have uncovered the first domestic use of modified NFC malware, signaling a potential expansion of NFC-based data theft campaigns. The SuperCard malware, distributed via MaaS and marketed openly on Telegram, targets payment system data to facilitate fraudulent transactions and bank fund transfers. #SuperCard #NFCGate #AndroidThreats #FinancialFraud…

SadFuture: Mapping XDSpy latest evolution

This report investigates a 2025 cyber-espionage campaign by the XDSpy threat actor targeting Eastern European and Russian government entities using the XDigo malware and exploiting a Microsoft Windows LNK vulnerability (ZDI-CAN-25373). It provides detailed technical analysis of the malware, infection chains, infrastructure, and attribution tying the activity to XDSpy. #XDSpy #XDigo…

Ransom! 099 ISP

The Handala hack has compromised 099 ISP in Russia, infiltrating their internal infrastructure and dispatching over 150,000 malicious warning emails through their official servers. This cyberattack highlights severe vulnerabilities in their digital security, impacting Russia. #Russia

Cybersecurity News | Daily Recap [13 Jun 2025]

Recent cybersecurity updates highlight ongoing ransomware exploits such as SimpleHelp vulnerabilities exploited by DragonForce and the Fog ransomware attack linked to APT41, along with major data breaches like McLean Mortgage involving Black Basta. Privacy concerns have also intensified with Apple patching zero-click spyware vulnerabilities and the emergence of Predator spyware infrastructure in Mozambique. #SimpleHelp #DragonForce #FogRansomware #APT41 #McLeanMortgage #BlackBasta #GraphiteSpyware #PredatorSpyware

Belarusian hackers taunt Kaspersky over report detailing their attacks

The Cyber Partisans, a Belarusian hacktivist group, have been the focus of Kaspersky’s recent detailed report revealing their tools and tactics. The group defends their methods, highlighting their political motivations and recent large-scale operations against Belarusian and Russian targets. #CyberPartisans #Vasilek #Pryanik #BelarusianRailway #KasperskyReport…
