North Korean IT Workers Infiltrate Fortune 500 Through Remote Work Deception
Thousands of skilled North Korean tech workers have penetrated major corporations by exploiting remote work opportunities and creating elaborate fake identities. The infiltration represents a sophisticated effort to circumvent sanctions while raising concerns about corporate hiring practices and security measures.
Hackers Breach Offshore Digital Bank, Expose 37GB of Crypto Wallet Data
A cybercriminal group called 'Weyhro' claims to have compromised Valens Bank's entire digital infrastructure, exposing sensitive customer data and cryptocurrency operations. The 37GB leak reportedly includes over 400,000 customer records, cryptographic keys, and source code, raising major concerns about offshore digital banking security.
Malicious PyPI Packages Target Bitcoin Users and Payment Systems with Data-Stealing Code
Security researchers discovered three malicious Python packages on PyPI that were downloaded over 39,000 times, designed to steal sensitive data and validate stolen credit cards. The packages masqueraded as Bitcoin library fixes while containing code to steal database files and test stolen payment information.
Global WordPress Malware Campaign 'DollyWay' Infects Over 20,000 Sites
A sophisticated malware operation dubbed 'DollyWay' has compromised more than 20,000 WordPress websites since 2016, redirecting visitors to fraudulent sites. The persistent campaign generates millions of monthly impressions through an advanced traffic direction system while expertly evading detection.
International Crime Ring Busted in $600K Taylor Swift Ticket Scam
A sophisticated cybercrime operation that illegally resold over 900 digital tickets to major events, primarily Taylor Swift concerts, was dismantled by New York prosecutors. The scheme involved StubHub contractors in Jamaica stealing ticket URLs and reselling them at inflated prices through accomplices in Queens.
Cleveland Municipal Court Suspends Operations Following Cybersecurity Breach
The Cleveland Municipal Court and Housing Court have temporarily shut down operations after experiencing a cyber incident that took their systems and website offline. Officials are investigating the situation while essential staff continue working to restore services securely.
Major Data Breach Exposes Black Basta Ransomware Group's Operations and Internal Conflicts
Over 200,000 private messages from the Black Basta ransomware syndicate have been leaked, revealing their sophisticated attack methods and internal discord. The unprecedented data breach provides cybersecurity experts with valuable insights into one of the world's most dangerous cybercriminal organizations.
Hidden Image Tag Malware: New Threat Targets E-commerce Payment Data
Cybercriminals are concealing credit card skimming malware within HTML image tags on e-commerce websites, particularly targeting Magento platforms. This sophisticated technique allows attackers to harvest payment data while evading detection through seemingly innocent code.
Vietnamese Hackers Target Supply Chain with Zero-Day Exploits in VeraCore Software
XE Group, a Vietnamese cybercrime organization, has evolved from credit card theft to sophisticated supply chain attacks by exploiting critical zero-day vulnerabilities in VeraCore. The group deployed advanced web shells to maintain persistent unauthorized access to manufacturing and distribution systems since 2020.
Chinese CDN Exploits AWS and Azure in Massive Cloud Infrastructure Abuse Scheme
Investigation reveals Funnull, a Chinese CDN, is misusing AWS and Azure cloud services to host scam websites through deceptive IP address cycling. The scheme involves over 1,400 rented IPs used for investment scams and fake gambling operations, highlighting growing challenges in cloud security.