HeartCrypt’s wholesale impersonation effort
How the notorious Packer-as-a-Service operation built itself into a hydra
Similar Posts
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack
Bys sTrust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets. “Our Developer GitHub secrets were exposed in the attack, which gave the attacker…
Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
Bys sFormer members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks. “Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads,” ReliaQuest said in a report
CISA loses key employee behind early ransomware warnings
Bys sEric Geller reports: A Cybersecurity and Infrastructure Security Agency program that warns organizations about imminent ransomware attacks has suffered a major setback after its lead staffer left the agency rather than take a forced reassignment. David Stern, the driving force behind CISA’s Pre-Ransomware Notification Initiative (PRNI) — through which the agency alerts organizations that ransomware……
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
Bys sA now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in…
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
Bys sJuniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3. “An Authentication…
The headlines suggested Freedman Healthcare suffered a ransomware attack that affected patient data. The reality was quite different.
Bys sToday’s post is a reminder why maybe we should all wait a bit before just repeating criminals’ claims about an attack. The group known as World Leaks recently added Freedman Healthcare to their leak site, claiming to have acquired 52.4 GB of data comprising more than 42,000 files. Some news sites reporting on the listing…