The Mask APT Group Returns: Advanced Cross-Platform Espionage Campaign Targets Latin America
A sophisticated cyber-espionage group called The Mask has resurfaced with enhanced multi-platform malware capabilities targeting organizations across Latin America. The threat actor's evolved arsenal includes new frameworks for Windows, macOS, and mobile systems, showing that the group remains a persistent threat in global cyber-espionage.
Massive Malvertising Campaign Exploits Ad Networks with Fake CAPTCHA Scam
Security researchers uncover 'DeceptionAds' operation serving over 1 million malicious ad impressions daily through 3,000+ compromised websites. The sophisticated campaign uses fake CAPTCHA pages to distribute information-stealing malware while exploiting legitimate advertising infrastructure.
Serbian Police Caught Using Cellebrite Tech to Plant Spyware on Journalists' Phones
Serbian law enforcement used Cellebrite's phone-unlocking technology to secretly install NoviSpy spyware on devices belonging to journalists and activists. The groundbreaking investigation by Amnesty International reveals the first documented case of Cellebrite's tools being misused to enable spyware infections.
Russia's €70M Disinformation Campaign Exposed in Bulgaria and Romania
A Bulgarian cybersecurity firm uncovers a massive Russian influence operation targeting Bulgaria and Romania, with expenditures of €70 million since 2010. The sophisticated campaign used targeted ads, malware, and bot networks to spread propaganda and collect user data.
Windows Privacy Alert: Microsoft Recall Feature Found Storing Sensitive Personal Data
Microsoft's new Windows Recall feature has been discovered capturing and storing screenshots containing sensitive information like credit card and Social Security numbers, despite built-in privacy filters. Security experts recommend disabling the feature immediately, while Microsoft claims improvements are in development.
Krispy Kreme's Digital Operations Hit by Cyberattack, Online Ordering Suspended
Popular doughnut chain Krispy Kreme is battling system disruptions after discovering unauthorized IT activity, impacting digital sales channels while physical stores remain open. The company faces potential financial impact from lost revenue and recovery costs, though daily deliveries continue unaffected.
ZLoader Malware Resurfaces with Advanced DNS Tunneling for Stealthy Attacks
A dangerous new variant of ZLoader malware has emerged with sophisticated DNS tunneling capabilities to mask its command-and-control communications. This 2.9.4.0 version introduces an interactive shell and custom protocols, marking a concerning evolution in malware sophistication.
Critical Windows NTLM Zero-Day Vulnerability Left Unpatched Until April 2024
A severe security flaw affecting all Windows versions allows attackers to capture NTLM credentials through malicious files in Windows Explorer. Microsoft plans to address this zero-day vulnerability in April 2024, leaving systems potentially exposed for months.
Critical Security Breach: Popular Python AI Library Compromised with Crypto Mining Malware
The Ultralytics AI library was discovered distributing malicious cryptocurrency mining code through compromised versions on PyPI. The attack, which exploited GitHub Actions workflows, potentially impacted thousands of AI developers worldwide and highlights growing concerns around supply chain security.
Croatian Port Operator Successfully Blocks 8Base Ransomware Attack
Luka Rijeka, a major Croatian port operator, thwarted a ransomware attack through rapid incident response and system shutdowns. The company's IT team successfully restored operations within days, preventing data loss despite threats from the 8Base ransomware group.