Research team says they discovered unreported credential leak containing 16 billion login records.

The Cybernews research team recently uncovered what may be the largest unreported credential leak in history, involving a staggering 16 billion login records exposed across 30 separate datasets. These datasets were most likely generated by various infostealer malware—malicious software designed to harvest sensitive information such as usernames, passwords, and authentication tokens from infected devices.

BlueNoroff group launches sophisticated social engineering/malware campaign that leverages deepfake video tech in Zoom calls.

The North Korean-linked BlueNoroff group, also known as Sapphire Sleet or TA444, has launched a sophisticated social engineering campaign targeting employees in the cryptocurrency sector, specifically those using macOS devices. This latest attack leverages deepfake technology and fake Zoom meetings to deliver backdoor malware.

Krispy Kreme sends breach notification letters to victims of ransomware attack.

Krispy Kreme, the international doughnut and coffee chain, suffered a significant ransomware attack in late 2024 that resulted in a major data breach and operational disruptions. The attack was detected on November 29, 2024, when Krispy Kreme noticed unauthorized activity on its IT systems. The company disclosed the incident in an SEC filing on December 11, 2024, confirming disruptions to its online ordering platform, particularly affecting digital sales in the U.S. Physical store operations and deliveries to retail partners, including McDonald’s, continued largely unaffected.

Worldleaks launches large-scale targeted ransomware attack against Chain IQ and 19 other companies.

On June 12, 2025, Swiss procurement service provider Chain IQ, along with 19 other companies, was targeted in a large-scale ransomware attack orchestrated by the group Worldleaks (also known as World Leaks, previously Hunters International). The attack resulted in the theft and subsequent dark web publication of sensitive data, including information from major Swiss financial institutions such as UBS and Pictet.

New WormGPT variant discovered riding atop Grok and Mixtral models.

Recently, security researchers at Cato Networks have identified new variants of WormGPT, a tool originally developed as an uncensored large language model (LLM) for cybercriminal activities. These new versions, named keanu-WormGPT and xzin0vich-WormGPT, have been discovered on underground forums such as BreachForums and are accessed via Telegram chatbots on a subscription basis.

New Jitter-Trap tool helps organizations detect stealthy beacon traffic used by C2 communications in victim networks.

The new Jitter-Trap tool from Varonis is designed to help organizations detect stealthy beacon traffic used by attackers to establish and maintain command and control (C2) communication within victim networks. Beacons are commonly employed by threat actors—including state-sponsored groups and cybercriminals—to avoid detection while executing post-exploitation activities such as data exfiltration, lateral movement, and persistent access.

Researchers call GodFather Trojan’s new virtualization technique “a major leap in mobile malware sophistication.”

The GodFather banking Trojan has introduced a highly sophisticated virtualization tactic, marking a significant evolution in mobile malware targeting financial and cryptocurrency applications. This technique enables attackers to hijack legitimate apps in real time, making account takeovers more seamless and harder to detect than ever before.