New hacker group uses LockBit ransomware variant to target Russian companies

A cybercrime group called DarkGaboon has been conducting targeted ransomware attacks on Russian companies across multiple sectors, using LockBit 3.0 ransomware and phishing emails in Russian. Although their methods are similar to other LockBit operations, DarkGaboon operates independently and primarily targets financial departments with malicious documents. #DarkGaboon #LockBit3.0 #RussianCyberattacks…

Sleep with one eye open: how Librarian Ghouls steal data by night

Librarian Ghouls, an APT group targeting Russian and CIS entities, employs legitimate third-party software and scripting rather than custom malware for its attacks, focusing on credential theft and deploying a crypto miner. Their ongoing campaign features phishing emails, remote access tools, and complex infection stages, with hundreds of victims primarily in Russia and neighboring countries. #LibrarianGhouls #RareWerewolf #Rezet #XMRig #AnyDesk

OpenAI Bans ChatGPT Accounts Used by Russian, Iranian, and Chinese Hacker Groups

OpenAI announced the shutdown of ChatGPT accounts linked to Russian-speaking threat actors and Chinese nation-state hacking groups that were exploiting AI for malware development, social media automation, research, and cyber campaigns. These groups used the models for developing malware, bypassing security, and executing disinformation and espionage activities. #ScopeCreep #UNC2630 #APT15 #CyberThreatActors…

⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks

This cybersecurity update highlights recent critical vulnerabilities, advanced malware campaigns, and nation-state hacking activities, emphasizing the importance of proactive defense. Key incidents include Google Chrome fixing an exploited 0-day, PathWiper targeting Ukraine, and sophisticated zero-click attacks on iPhones. #ChromeZeroDay #PathWiper #SaltTyphoon…

Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025

Cybersecurity researchers have uncovered a new campaign targeting Brazilian users using malicious browser extensions and remote access tools to steal banking authentication data. The attack involves phishing emails, malware-laden installers, and sophisticated persistence techniques, affecting numerous companies and individuals. #OperationPhantomEnigma #BrazilianBankingTrojan…

OpenAI takes down ChatGPT accounts linked to state-backed hacking, disinformation

Threat actors from countries like China, Russia, North Korea, Iran, and the Philippines are exploiting ChatGPT for illicit activities, including social media manipulation, malware development, and employment scams. OpenAI has taken action by banning many involved accounts and sharing indicators with industry partners to combat these threats. #ChatGPTAbuse #CyberThreatActors…
