HeartCrypt’s wholesale impersonation effort
How the notorious Packer-as-a-Service operation built itself into a hydra
A phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks has been attributed to a suspected Russia-aligned group. The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare. The attacks involve using compromised email addresses belonging to government
Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to new findings from Fortinet. The DOS (Disk Operating System) and PE (Portable Executable) headers are essential parts of a Windows PE file, providing information about the executable. While the DOS header makes the…
When companies have big breaches, they have to notify the big credit reporting agencies. However, it is now one of the major credit reporting agencies that must send notifications. TransUnion has notified the Maine Attorney General’s Office that 4,461,511 people were affected by an incident on July 28, 2025 that involved an unnamed third-party application…
Carly Page reports: GDPR fines pushed past the £1 billion (€1.2 billion) mark in 2025 as Europe’s regulators were deluged with more than 400 data breach notifications a day, according to a new survey that suggests the post-plateau era of enforcement has well and truly arrived. The figures come from the latest GDPR Fines and Data Breach…
Paul Penfold reports a failure-to-use-bcc field breach that exposed extremely sensitive data: A government agency whose job is to support abuse survivors is accused of instead causing harm by accidentally exposing the identities of more than 30 Lake Alice torture survivors in a botched email. Former staff say they repeatedly warned the Crown Response Office…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when