The Play ransomware group has developed two custom tools in.NET, namely Grixba and VSS Copying Tool, which it uses to improve the effectiveness of its cyberattacks. [...]

March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of 91% from the previous month and 62% compared to March 2022. [...]

The Australian Competition & Consumer Commission (ACCC) says Australians lost a record $3.1 billion to scams in 2022, an 80% increase over the total losses recorded in 2021. [...]

Security researchers have released yet another sandbox escape proof of concept (PoC) exploit that makes it possible to execute unsafe code on the host running the VM2 sandbox. [...]

A new Android trojan called 'Chameleon' has been targeting users in Australia and Poland since the start of the year, mimicking the CoinSpot cryptocurrency exchange, an Australian government agency, and the IKO bank. [...]

A new Android malware named 'Goldoson' has infiltrated the platform's official app store, Google Play, through 60 apps that collectively have 100 million downloads. [...]

The Vice Society ransomware gang is deploying a new, rather sophisticated PowerShell script to automate data theft from compromised networks. [...]

The Federal Security Service of the Russian Federation (FSB) has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022. [...]

A new Python-based credential harvester and SMTP hijacking tool named 'Legion' is being sold on Telegram, allowing cybercriminals to automate attacks against online email services. [...]

Hyper-volumetric DDoS (distributed denial of service) attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private Servers (VPS). [...]

A Kyocera Android printing app is vulnerable to improper intent handling, allowing other malicious applications to abuse the flaw to download and potentially install malware on devices. [...]

Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning that hackers gained access to personal data. [...]

Enterprise software vendor SAP has released its April 2023 security updates for several of its products, which includes fixes for two critical-severity vulnerabilities that impact the SAP Diagnostics Agent and the SAP BusinessObjects Business Intelligence Platform. [...]

Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware visitors. [...]

The Kodi Foundation has disclosed a data breach after hackers stole the organization's MyBB forum database containing user data and private messages and attempted to sell it online. [...]

Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000, depending on the type of malicious behavior cyber criminals request. [...]

The Dutch government will adopt the RPKI (Resource Public Key Infrastructure) standard on all its systems before the end of 2024 to upgrade the security of its internet routing. [...]

A threat group called ARES is gaining notoriety on the cybercrime scene by selling and leaking databases stolen from corporations and public authorities. [...]

Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that is used by multiple software to run code securely in a virtualized environment. [...]

An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits "all known and recently discovered theme and plugin vulnerabilities" to inject a Linux backdoor that researchers named Balad Injector. [...]

A new malware strain called Rilide has been targeting Chromium-based web browsers like Google Chrome, Brave, Opera, and Microsoft Edge, to monitor user browsing history, snap screenshots, and inject scripts that can steal cryptocurrency. [...]

The Medusa ransomware gang has claimed a cyberattack on the Open University of Cyprus (OUC), which caused severe disruptions of the organization's operations. [...]

Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as "Money Message," which claims to have stolen source code from the company's network. [...]

Telegram has become the working ground for the creators of phishing bots and kits looking to market their products to a larger audience or to recruit unpaid helpers. [...]

A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a thriving hub for buying and selling illegal services or stolen data. [...]