Lumma Stealer, coming and going
The high-profile information stealer switches up its TTPs, but keeps the CAPTCHA tactic; we take a deep dive
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. “The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a…
Jesse William McGraw writes: Greetings, reader! I want to talk about my former life as a blackhat hacker because it never makes any sense. Many of my rampant hacking campaigns focused on breaking into big servers across several industries but not on seizing the networks by the throat and forcing them to their knees. I…
Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data. The ClickHouse database “allows full control over database operations, including the ability to access internal data,”…
Sheersh Kapoor reports: The hacker responsible for a major data breach at Star Health and Allied Insurance last year has reportedly claimed responsibility for sending death threats and bullet cartridges to the insurer’s top executives. According to Reuters, a person using the alias ‘xenZen’ said in a March 13 email that they mailed two packages…
Ian Barker reports: A new study from OpenText of nearly 1,800 global IT and security leaders shows a false sense of confidence in ransomware readiness. The report shows that 95 percent of respondents say they’re confident in their ransomware recovery — yet only 15 percent of those attacked have fully recovered their data. In a rapidly changing threat landscape…
A ransomware group tracked as Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C. The post Compromised AWS Keys Abused in Codefinger Ransomware Attacks appeared first on SecurityWeek.