Lumma Stealer, coming and going
The high-profile information stealer switches up its TTPs, but keeps the CAPTCHA tactic; we take a deep dive
The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor. “Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries — especially in Pakistan — using spear-phishing and malicious documents as initial
Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader. “BackConnect is a common feature or module utilized by threat actors to maintain persistence and perform tasks,” Walmart’s Cyber Intelligence team told The Hacker News. “The BackConnect(s) in use were ‘DarkVNC’…
Angus Loten reports: A deluge of data-breach lawsuits has a growing number of U.S. judges insisting victims show exactly how their leaked personal data caused “tangible harm,” a high bar that is getting more cases tossed out of court. Judges are also requiring plaintiffs to trace any damages back to a particular breach—a tougher condition…
Cybersecurity researchers have discovered a malvertising campaign that’s targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials. “These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft’s advertising platform,” Jérôme Segura, senior
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States. The attack, per the Symantec Threat Hunter Team, part of Broadcom, leveraged CVE-2025-29824, a privilege escalation flaw in the Common Log…
Oracle continues to deny it had any breach, but customers and researchers are claiming otherwise. Lawrence Abrams reports: Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor…