Cybercrime

July 4, 2025

A systems breach at Louis Vuitton Korea in June led to the leak of some of customer data including contact information, but did not involve customers’ financial information, the luxury brand’s South Korea unit said on Friday. “We regret to inform that an unauthorized third party temporarily accessed our system resulting in the leak of some ...

July 4, 2025

In late 2024, Chinese state-sponsored threat actors abused multiple zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices to access French government agencies, as well as numerous commercial entities such as telcos, finance, and transportation organizations. The news was recently confirmed by the French National Agency for the Security of Information Systems (ANSSI), which noted threat ...

July 3, 2025

Elastic Security Labs is observing multiple campaigns that appear to be leveraging the commercial AV/EDR evasion framework, SHELLTER, to load malware. SHELLTER is marketed to the offensive security industry for sanctioned security evaluations, enabling red team operators to more effectively deploy their C2 frameworks against contemporary anti-malware solutions. SHELLTER, like many other offensive security tools (OSTs), is ...

July 3, 2025

The “El Chapo” Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau’s defenses against this kind of surveillance are still inadequate. The findings came to light in a June ...

July 3, 2025

Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor. Announcing the news on Thursday morning, the gang deleted all victim data from its dark web leak site and issued a statement confirming its closure. “We, at Hunters International, wish to inform you of a significant decision regarding ...

July 3, 2025

The FBI warns the public about criminals targeting US stock investors through social media platforms and messaging service applications (apps). The scheme, known as a “ramp-and-dump” stock manipulation, targets US investors through online engagement, often via social media advertisements or messages promoting an “investment club” of fellow investors, some of which may be bots or ...

July 2, 2025

In April 2025, Huntabil.IT observed a targeted attack on a Web3 startup, attributing the incident to a DPRK threat actor group. Several reports on social media at the time described similar incidents at other Web3 and Crypto organizations. Analysis revealed an attack chain consisting of an eclectic mix of scripts and binaries written in AppleScript, C++ ...

July 2, 2025

A security vulnerability in a stealthy Android spyware operation called Catwatchful has exposed thousands of its customers, including its administrator. The bug, which was discovered by security researcher Eric Daigle, spilled the spyware app’s full database of email addresses and plaintext passwords that Catwatchful customers use to access the data stolen from the phones of their ...

July 2, 2025

Brazil’s central bank said on Wednesday that technology services provider C&M Software, which serves financial institutions lacking connectivity infrastructure, had reported a cyberattack on its systems. The bank did not provide further details of the attack, but said in a statement that it ordered C&M to shut down financial institutions’ access to the infrastructure it operates. ...

July 2, 2025

Attackers are increasingly exploiting Windows shortcut (LNK) files for malware delivery. Palo Alto Unit 42 telemetry revealed 21,098 malicious LNK samples in 2023, which surged to 68,392 in 2024. In this article, Unit 42 researchers present an in-depth investigation of LNK malware, based on analysis of 30,000 recent samples. Windows shortcut files use the .lnk file ...