Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams
For years, the North Korean government has found a burgeoning source of sanctions-evading revenue by tasking its citizens with secretly applying for remote tech jobs…
Month: June 2025
Scammers have a new tactic: impersonating DOGE
Scammers are impersonating the Department of Government Efficiency in an effort to steal personal information and possibly take advantage of people who believe they’ll receive…
Hackers Deliver Remcos Malware Via .pif Files and UAC Bypass in Windows
A sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack chain, analyzed in ANY.RUN’s Interactive…
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini June 30, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds…
What the NULL?! Wing FTP Server RCE (CVE-2025-47812)
While performing a penetration test for one of our Continuous Penetration Testing customers, we’ve found a Wing FTP server instance that allowed anonymous connections. It…
US authorities unmask North Korean IT worker schemes and their American accomplices
Listen to the article 5 min This audio is auto-generated. Please let us know if you have feedback. The Department of Justice on Monday announced…
Threat Actors Exploit Facebook Ads to Distribute Malware and Steal Wallet Passwords
The Pi Network community eagerly celebrated Pi2Day, an event traditionally associated with platform updates, feature launches, and significant milestones. However, this year’s festivities have been…
Arrest, seizures in latest U.S. operation against North Korean IT workers
U.S. authorities unsealed indictments, seized financial accounts and made an arrest in the latest attempt to crack down on North Korean remote IT workers as…
Germany asks Google, Apple to remove DeepSeek AI from app stores
The Berlin Commissioner for Data Protection has formally requested Google and Apple to remove the DeepSeek AI application from the application stores due to GDPR violations.…
DragonForce Ransomware Equips Affiliates with Modular Toolkit for Crafting Custom Payloads
DragonForce Ransomware has emerged as a formidable player in the Ransomware-as-a-Service (RaaS) landscape since its debut in December 2023. Initially rooted in ideologically driven cyberattacks,…
Threat Actors Weaponizing Facebook Ads to Deliver Malware and Stealing Wallet Passwords
Cybercriminals have launched a sophisticated campaign exploiting Facebook’s advertising platform to distribute malware and steal cryptocurrency wallet credentials, targeting users worldwide through deceptive Pi Network-themed…
Senator Chides FBI for Weak Advice on Mobile Security – Krebs on Security
Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list…