cybercriminals

Authorities dismantle First VPN, used by ransomware actors

cybercrime, cybercriminals, Eurojust, Europe, Europol, Hot stuff, law enforcement, News, Ransomware, VPN /

Authorities dismantle First VPN, used by ransomware actors 2026-05-21 at 17:12 By Anamarija Pogorelec First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. During the operation, French and Dutch authorities, with support from Europol and Eurojust, […]

Authorities dismantle First VPN, used by ransomware actors Read More »

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension

cybercriminals, data theft, Don't miss, GitHub, Hot stuff, News, open source, supply chain compromise /

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension 2026-05-20 at 13:47 By Zeljka Zorz Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension Read More »

Scattered Lapsus$ Hunters seeks women for vishing attacks

cybercriminals, Dataminr, Don't miss, Hot stuff, News, social engineering, tips, vishing /

Scattered Lapsus$ Hunters seeks women for vishing attacks 2026-02-26 at 14:55 By Zeljka Zorz The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected posts on a public Telegram channel advertising

Scattered Lapsus$ Hunters seeks women for vishing attacks Read More »

AI is becoming part of everyday criminal workflows

Artificial Intelligence, cybercrime, cybercriminals, Don't miss, Features, Hot stuff, News, research /

AI is becoming part of everyday criminal workflows 2026-02-24 at 09:00 By Mirko Zorz Underground forums include long threads about chatbots drafting phishing emails, generating code snippets, and coaching social engineering calls. A new study examined conversations captured between January 1, 2025 and July 31, 2025 across dozens of cybercrime forums to map how AI

AI is becoming part of everyday criminal workflows Read More »

Initial access broker pleads guilty to selling access to 50 corporate networks

CloudSEK, court, cybercrime, cybercriminals, Don't miss, FBI, Hot stuff, initial access broker, News /

Initial access broker pleads guilty to selling access to 50 corporate networks 2026-01-20 at 15:43 By Zeljka Zorz A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New Jersey has announced. Feras Khalil Ahmad Albashiti has pleaded guilty

Initial access broker pleads guilty to selling access to 50 corporate networks Read More »

Cybercriminals are scaling phishing attacks with ready-made kits

Barracuda Networks, credentials, cybercrime, cybercriminals, Don't miss, MFA, News, phishing /

Cybercriminals are scaling phishing attacks with ready-made kits 2026-01-08 at 09:10 By Anamarija Pogorelec Phishing-as-a-Service (PhaaS) kits lower the barrier to entry, enabling less-skilled attackers to run large-scale, targeted phishing campaigns that impersonate legitimate services and institutions, according to Barracuda Networks. Phishing kits grow more sophisticated and scalable Barracuda threat analysts found that in 2025

Cybercriminals are scaling phishing attacks with ready-made kits Read More »

How a noisy ransomware intrusion exposed a long-term espionage foothold

APT, cyber espionage, cybercriminals, Don't miss, Hot stuff, News, Positive Technologies, Ransomware, threat detection /

How a noisy ransomware intrusion exposed a long-term espionage foothold 2025-12-02 at 15:15 By Zeljka Zorz Getting breached by two separate and likely unconnected cyber attack groups is a nightmare scenario for any organization, but can result in an unexpected silver lining: the noisier intrusion can draw attention to a far stealthier threat that might

How a noisy ransomware intrusion exposed a long-term espionage foothold Read More »

When IT fails, OT pays the price

critical infrastructure, cybercriminals, cybersecurity, manufacturing sector, News, patching, report, threats, transportation, Trellix /

When IT fails, OT pays the price 2025-11-20 at 07:02 By Anamarija Pogorelec State groups, criminal crews, and hybrid operators are all using familiar IT entry points to reach systems that support industrial processes, according to the latest Operational Technology Threat Report from Trellix. The report covers attacks observed from April through September 2025 and

When IT fails, OT pays the price Read More »

Google uncovers malware using LLMs to operate and evade detection

APT, Artificial Intelligence, cybercriminals, data theft, Don't miss, Google, Hot stuff, LLMs, Malware, News, Threat Intelligence /

Google uncovers malware using LLMs to operate and evade detection 2025-11-05 at 20:53 By Zeljka Zorz PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated example: Google’s latest report shows attackers are now creating and deploying other malware that

Google uncovers malware using LLMs to operate and evade detection Read More »

North Korean IT workers use fake profiles to steal crypto

Cryptocurrency, cybercrime, cybercriminals, Don't miss, ESET, fraud, News, North Korea /

North Korean IT workers use fake profiles to steal crypto 2025-09-25 at 12:04 By Sinisa Markovic ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and focuses on stealing cryptocurrency. It targets freelance developers working on Windows, Linux, and macOS systems.

North Korean IT workers use fake profiles to steal crypto Read More »

AI is rewriting the rules of cyber defense

Artificial Intelligence, cybercriminals, cybersecurity, Lenovo, News, report /

AI is rewriting the rules of cyber defense 2025-09-25 at 07:01 By Anamarija Pogorelec Enterprise security teams are underprepared to detect new, adaptive AI-powered threats. The study, published by Lenovo, surveyed 600 IT leaders across major markets and shows widespread concern about external and internal risks, along with low confidence in current defenses. External AI

AI is rewriting the rules of cyber defense Read More »

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations

Anthropic, APT, Artificial Intelligence, cybercriminals, data theft, Don't miss, ESET, extortion, Hot stuff, LLMs, News, North Korea /

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations 2025-08-28 at 15:29 By Zeljka Zorz Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations Read More »

Cybercriminals are getting personal, and it’s working

BEC scams, cybercriminals, email security, News, phishing, VIPRE Security /

Cybercriminals are getting personal, and it’s working 2025-08-07 at 09:15 By Help Net Security Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or obfuscated deployments, according to VIPRE Security. These phishing kits can’t easily be reverse-engineered, tracked, or caught. AI makes them

Cybercriminals are getting personal, and it’s working Read More »

Why stolen credentials remain cybercriminals’ tool of choice

credentials, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, N-able, News, opinion, passwords /

Why stolen credentials remain cybercriminals’ tool of choice 2025-07-31 at 09:26 By Help Net Security It’s often the case that the simplest tools have the longest staying power, because they ultimately get the job done. Take duct tape, for example: it’s a sturdy household classic that wasn’t invented to be elegant or high tech. It

Why stolen credentials remain cybercriminals’ tool of choice Read More »

Money mule networks evolve into hierarchical, business-like criminal enterprises

Artificial Intelligence, cybercriminals, cybersecurity, Don't miss, Features, financial industry, fraud, Hot stuff, identity verification, News, ThreatMark /

Money mule networks evolve into hierarchical, business-like criminal enterprises 2025-06-27 at 09:12 By Mirko Zorz In this Help Net Security interview, Michal Tresner, CEO of ThreatMark, discusses how cybercriminals are weaponizing AI, automation, and social engineering to industrialize money mule operations. He looks at how these networks have changed and how behavioral intelligence is helping

Money mule networks evolve into hierarchical, business-like criminal enterprises Read More »

LockBit panel data leak shows Chinese orgs among the most targeted

China, cybercriminals, Don't miss, Hot stuff, manufacturing sector, News, Positive Technologies, Ransomware, Russian Federation, Taiwan, Trellix, USA /

LockBit panel data leak shows Chinese orgs among the most targeted 2025-06-12 at 17:17 By Zeljka Zorz The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20%

LockBit panel data leak shows Chinese orgs among the most targeted Read More »

How global collaboration is hitting cybercriminals where it hurts

cybercrime, cybercriminals, cybersecurity, Don't miss, Features, Government, Hot stuff, law enforcement, National Crime Agency, News, Ransomware, Threat Intelligence, UK /

How global collaboration is hitting cybercriminals where it hurts 2025-06-03 at 09:03 By Mirko Zorz In this Help Net Security interview, William Lyne, Deputy Director of UK’s National Crime Agency, discusses the cybercrime ecosystem and the threats it enables. He explains how cybercrime is becoming more accessible and fragmented. Lyne also talks about key trends,

How global collaboration is hitting cybercriminals where it hurts Read More »

How cybercriminals are exploiting digital twins to scam crypto users

crypto user, cybercriminals, digital twins, scam /

How cybercriminals are exploiting digital twins to scam crypto users 2025-05-05 at 12:03 By Cointelegraph by SK Arora What is a digital twin? A digital twin is a virtual model or replica of a physical object, system or process. It’s like a digital mirror, allowing us to simulate, monitor and predict the behavior of real-world

How cybercriminals are exploiting digital twins to scam crypto users Read More »

When confusion becomes a weapon: How cybercriminals exploit economic turmoil

cyber resilience, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Fortra, Hot stuff, News, opinion, social engineering /

When confusion becomes a weapon: How cybercriminals exploit economic turmoil 2025-04-23 at 09:02 By Help Net Security It begins with a simple notification: “Markets in Free Fall.” Within moments, the headlines multiply: new tariffs, emergency actions, plummeting consumer confidence. Across boardrooms and break rooms, anxiety ripples at every level. People begin refreshing inboxes and apps

When confusion becomes a weapon: How cybercriminals exploit economic turmoil Read More »

Inside PlugValley: How this AI vishing-as-a-service group operates

cybercrime, cybercriminals, Don't miss, Fortra, News, Video, vishing /

Inside PlugValley: How this AI vishing-as-a-service group operates 2025-04-17 at 07:41 By Help Net Security In this Help Net Security video, Alexis Ober, Threat Intel Analyst at Fortra, discusses the threat actor group PlugValley, which is now offering AI-powered vishing-as-a-service. Rather than requiring technical skills or large budgets, PlugValley’s service lets any cybercriminal launch vishing

Inside PlugValley: How this AI vishing-as-a-service group operates Read More »

Scroll to Top