TeleMessage, a modified Signal clone used by US government officials, has been hacked

A hacker has exploited a vulnerability in TeleMessage, which provides modded versions of encrypted messaging apps such as Signal, Telegram, and WhatsApp, to extract archived messages and other data relating to U.S. government officials and companies who used the tool, Read More …

Kidnappers in France target cryptocurrency entrepreneurs for ransom

French police rescued the father of a wealthy cryptocurrency entrepreneur in a nighttime raid after he was taken hostage for ransom, the latest alleged criminal effort in France to extort people involved in the management of digital assets. The man Read More …

Scattered Spider hacking group allegedly behind cyber-attacks on Marks & Spencer

The culprit behind the M&S cyber attack is still a matter of investigation but speculation has pointed to a group called Scattered Spider. Also called UNC3944, Octo Tempest or Muddled Libra, Scattered Spider is a hacking group comprised of hackers Read More …

Cyber criminals claim to have private information of 20 million people who signed up to Co-op’s membership

Cyber criminals have told BBC News their hack against Co-op is far more serious than the company previously admitted. Hackers contacted the BBC with proof they had infiltrated IT networks and stolen huge amounts of customer and employee data. After Read More …

Email Attacks Drive Record Cybercrime Losses in 2024

The FBI’s Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report. And it has revealed a record-breaking surge in cybercrime losses across the United States. Last year, total losses reached $16.6 billion, which is a 33% increase Read More …

Phishing Domains Associated with LabHost PhaaS Platform Users

The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate 42,000 phishing domains linked to the LabHost phishing-as-a-service (PhaaS) platform between November 2021 and April 2024. Prior to being disabled by law enforcement in April 2024, LabHost was Read More …

Gremlin Stealer: New Stealer on Sale in Underground Forum

Unit 42 researchers have identified new information-stealing malware written in C#, called Gremlin Stealer. This stealer’s authors have actively advertised it on a Telegram group since mid-March 2025. This information-stealing malware exfiltrates data from its victims and uploads this information Read More …

Outlaw cybergang attacking targets worldwide

In a recent incident response case in Brazil, we dealt with a relatively simple, yet very effective threat focused on Linux environments. Outlaw (also known as “Dota”) is a Perl-based crypto mining botnet that typically takes advantage of weak or Read More …

Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors

Trend Research uncovered a sophisticated APT campaign targeting government and telecommunications sectors in Southeast Asia. Named Earth Kurma, the attackers use advanced custom malware, rootkits, and cloud storage services for data exfiltration. Earth Kurma demonstrates adaptive malware toolsets, strategic infrastructure Read More …