Beyond the kill chain: What cybercriminals do with their money (Part 1)
Sophos X-Ops investigates what financially motivated threat actors invest their ill-gotten profits in, once the dust has settled
Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads and evade security defenses. “Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and…
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology (IT) worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company (aka Sobaeksu United Corporation), and Kim Se…
Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN’s Satori Threat Intelligence and Research Team, encompassed 455 malicious Android apps and 183 threat actor-owned command-and-control (C2) domains, turning the infrastructure into a pipeline for multi-stage fraud. “Users
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure…
Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below –
CVE-2025-6018 – LPE from unprivileged to allow_active in SUSE 15’s Pluggable Authentication Modules (PAM)
CVE-2025-6019 – LPE from allow_active to root in
From the National Privacy Commission of the Philippines: October 27, 2025 10:57 AM Last Edit: October 27th, 2025 The National Privacy Commission (NPC) urges the public to exercise heightened vigilance following reports of a data leak allegedly involving G-Xchange, Inc., operator of GCash, which surfaced online on 26 October 2025. The NPC has immediately launched an…