Global Infostealer Campaign Hits 4,000 Victims in 62 Countries, Fuels Cybercrime Economy.
Posted inCybersecurity News

Global Infostealer Campaign Hits 4,000 Victims in 62 Countries, Fuels Cybercrime Economy.

A sophisticated cybercrime operation has compromised more than 4,000 victims across 62 countries, exploiting stealthy infostealer malware to harvest sensitive personal information. The attack highlights the growing threat posed by credential-stealing software and the increasing role of encrypted messaging platforms in facilitating the trade of stolen data.
FraudOnTok SparkKitty malware campaign targets TikTok shop owners and their cryptocurrency wallets.
Posted inCybersecurity News

FraudOnTok SparkKitty malware campaign targets TikTok shop owners and their cryptocurrency wallets.

CTM360 says they have exposed a major global cybercrime operation, dubbed “ClickTok,” that is aggressively targeting users of TikTok Shop and similar e-commerce platforms. This sophisticated campaign employs a newly identified spyware variant called SparkKitty to steal cryptocurrency wallet credentials and drain victims’ digital funds.
Adobe issues emergency patches after public release of proof-of-concept code.
Posted inCybersecurity News

Adobe issues emergency patches after public release of proof-of-concept code.

In response to the public release of proof-of-concept (PoC) exploit code, Adobe has released emergency security patches addressing two critical zero-day vulnerabilities affecting Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE). These vulnerabilities could allow unauthenticated attackers to remotely execute code or access sensitive files on unpatched systems, representing a severe threat to organizations using affected versions.
New ReVault vulnerability leaves millions of Dell laptops susceptible to persistent attacks.
Posted inCybersecurity News

New ReVault vulnerability leaves millions of Dell laptops susceptible to persistent attacks.

A newly disclosed security issue known as "ReVault" could leave millions of Dell laptops vulnerable to persistent attacks, with severe implications for both individual and organizational security. Security researchers have discovered that over 100 models of Dell Latitude and Precision laptops, widely used by businesses and government agencies, are affected due to vulnerabilities in the Broadcom BCM5820X series chips—specifically, within Dell’s ControlVault3 secure enclave.
Cisco discloses data breach affecting cisco.com accounts. Basic profile details were leaked through a vishing attack.
Posted inCybersecurity News

Cisco discloses data breach affecting cisco.com accounts. Basic profile details were leaked through a vishing attack.

Cisco has disclosed a data breach affecting Cisco.com user accounts, revealing that unauthorized actors gained access to basic profile information following a sophisticated voice phishing (vishing) attack. The breach was discovered on July 24, 2025, after cybercriminals deceived a Cisco representative and obtained credentials that allowed them to access a third-party cloud-based Customer Relationship Management (CRM) system used by the company.
Microsoft’s Zero Day Quest hacking contest booty increased to $5 million.
Posted inCybersecurity News

Microsoft’s Zero Day Quest hacking contest booty increased to $5 million.

Microsoft has raised the stakes for its flagship security competition, announcing that the prize pool for the 2025 Zero Day Quest hacking contest will be increased to $5 million. This represents the largest reward the company has ever offered for a public security research event, surpassing last year’s total by $1 million. The move underscores Microsoft’s commitment to attracting top security talent and driving innovation in vulnerability research.
Discord’s CDN exploited to deliver a Remote Access Trojan (RAT) disguised as a legitimate OneDrive file.
Posted inCybersecurity News

Discord’s CDN exploited to deliver a Remote Access Trojan (RAT) disguised as a legitimate OneDrive file.

A recent cybersecurity investigation has revealed a sophisticated phishing campaign leveraging Discord’s Content Delivery Network (CDN) to distribute Remote Access Trojan (RAT) malware disguised as legitimate Microsoft OneDrive files. This campaign primarily targets Microsoft 365 users and underscores the evolving tactics employed by cybercriminals to bypass conventional security measures.
D4rk4rmy claims responsibility for cyberattack against Monte-Carlo Société des Bains de Mer (SBM), operator of luxury hotels, casinos, and entertainment venues.
Posted inCybersecurity News

D4rk4rmy claims responsibility for cyberattack against Monte-Carlo Société des Bains de Mer (SBM), operator of luxury hotels, casinos, and entertainment venues.

The cybercrime collective known as D4rk4rmy has asserted responsibility for a significant cyberattack against Monte-Carlo Société des Bains de Mer (SBM), Monaco’s renowned operator of luxury hotels, casinos, and entertainment venues. SBM, founded in 1863, is the backbone of Monaco’s reputation for elegance and exclusivity.