The strange tale of ischhfd83: When cybercriminals eat their own
A simple customer query leads to a rabbit hole of backdoored malware and game cheats
Similar Posts
How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds
Bys sWould you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if they fall victim to a Browser-in-the-Middle (BitM) attack. Like Man-in-the-Middle (MitM) attacks, BiTM sees criminals look to control the data flow between the victim’s…
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
Bys sThe malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours…
Archer Health was leaking protected health information. Criminals appear to have found it.
Bys sFrom our “No Need to Hack When It’s Leaking” files, a report involving Archer Health, an in-home healthcare provider. Website Planet recently reported a misconfigured bucket that was found by researcher Jeremiah Fowler. The unencrypted and non-password-protected database reportedly contained approximately 145k files (totaling 23 GB). “In a limited sampling of the exposed files, I……
Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches
Bys sClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a fast-growing source of security breaches. ClickFix attacks prompt the user to solve some kind of problem or challenge in the browser — most commonly a CAPTCHA, but also things like fixing an error…
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
Bys sCybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI WooCommerce Wishlist, which has over 100,000 active installations, is a tool to allow e-commerce site customers to save their favorite products for later and share the lists…
New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains
Bys sA new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails. The ongoing campaign has been codenamed SERPENTINE#CLOUD by Securonix. It leverages “the Cloudflare Tunnel infrastructure and Python-based loaders to deliver memory-injected payloads through a chain of shortcut files and obfuscated