TamperedChef serves bad ads, with infostealers as the main course
Sophos X-Ops explores a malvertising campaign that leverages Google Ads to distribute an infostealer
Categories: Threat Research
Tags: TamperedChef, EvilAI, infostealer, Sophos X-Ops
Keoni Everington reports: Two alleged Taiwanese clients of a Chinese ransomware group behind attacks on the Mackay Memorial Hospital and other targets in Taiwan have been arrested and released on bail. According to a Ministry of Justice Investigation Bureau, between February and March, the group CrazyHunter used ransomware to attack hospitals, publicly listed companies, and…
A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change. The flaw, assigned the CVE identifier CVE-2025-24859, carries a CVSS score of 10.0, indicating maximum severity. It affects all versions of Roller up to and…
Rebecca Whittaker reports: The death of a patient has been linked to a cyber-attack on the NHS last year. Cyber criminals attacked two major NHS trusts causing more than 1,000 cancer treatment delays, 2,000 outpatient appointments to be cancelled and more than 1,000 operations postponed. King’s College Hospital NHS Foundation Trust said on Wednesday a patient died during the cyber…
It’s been a while since we’ve seen one of these types of reports, and yet… Imani Williams reports: Thousands of medical records containing sensitive patient information were discovered in a Memphis storage unit that went up for auction after the owner failed to pay rent for three months. Jason Lederfine, who buys storage units as…
Japanese and U.S. authorities have formally attributed the theft of cryptocurrency worth $308 million from cryptocurrency company DMM Bitcoin in May 2024 to North Korean cyber actors. “The theft is affiliated with TraderTraitor threat activity, which is also tracked as Jade Sleet, UNC4899, and Slow Pisces,” the agencies said. “TraderTraitor activity is often characterized by…
The Hacker News reports on Interlock: The Interlock ransomware group begins its attack with a strategic and highly deceptive method known as a Drive-by Compromise. This technique allows the group to gain initial access to targeted systems by exploiting unsuspecting users, often through carefully designed phishing websites. Initial Attack of the Ransomware: The attack starts…